以下是我正在使用的安全过滤器
<security:http pattern="/api/**" create-session="never"
access-decision-manager-ref="accessDecisionManager" entry-point-ref="oauthAuthenticationEntryPoint"
use-expressions="true" auto-config="false">
<security:anonymous enabled="false" />
<security:custom-filter ref="resourceServerFilter"
before="PRE_AUTH_FILTER" />
<security:intercept-url pattern="/api/**"
access="isAuthenticated()" method="GET" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:expression-handler ref="oauthWebExpressionHandler" />
<security:csrf disabled="true" />
</security:http>
我想向相同的拦截网址添加“ permitAll()”访问权限,即“ / api / **”,但方法=“ OPTIONS” 我尝试以为GET方法定义的方式添加它,但无法正常工作。 任何帮助将不胜感激。