这是我在WebSecurityConfig extends WebSecurityConfigurerAdapter
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors()
.and()
.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeRequests()
.antMatchers("/", "/favicon.ico", "/**/*.png", "/**/*.gif", "/**/*.svg", "/**/*.jpg", "/**/*.html",
"/**/*.css", "/**/*.js").permitAll()
.antMatchers("api/v1/data/**").permitAll()
.antMatchers(HttpMethod.POST,"api/v1/users/").permitAll()
.antMatchers(HttpMethod.POST,"api/v1/users/login/").permitAll()
.antMatchers(HttpMethod.POST,"api/v1/users/verify/phone/").permitAll()
.antMatchers(HttpMethod.POST,"api/v1/users/checkNumber/").permitAll()
.antMatchers(HttpMethod.POST, "api/v1/users/**").permitAll().anyRequest().authenticated();
// Add our custom JWT security filter
http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}
在这种方法中,我添加了对api/v1/users/login/
的无限制访问权限,但是当我调用登录名时,我得到了401 Unauthorized
。我的代码有什么问题?