我不提供任何Spring Security配置,每个请求URL都重定向到登录页面。我已经使用具有必需的Spring Security依赖关系的“ Spring Initializr”创建了Spring Boot应用程序。
为什么将每个请求重定向到登录页面?如何禁用它?
我尝试过删除所有安全配置。
@SpringBootApplication
public class SpringbootJwtExampleApplication {
public static void main(String[] args) {
SpringApplication.run(SpringbootJwtExampleApplication.class, args);
}
}
public interface VehicleRepository extends JpaRepository<Vehicle, Long> {
}
@Data
@Entity
public class Vehicle {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
private String name;
}
@RestController
@RequestMapping("/v1/vehicles")
public class VehicleController {
@Autowired
private VehicleRepository vehicleRepository;
@GetMapping("")
public ResponseEntity getAll(){
return ok(vehicleRepository.findAll());
}
}
当我请求http://localhost:8080/v1/vehicles时 其重定向到登录页面。它应该请求实际的请求。
答案 0 :(得分:0)
根据Spring Security documentation,WebSecurityConfigurerAdapter类提供以下默认配置:
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.httpBasic();
}
要覆盖这些默认设置,请编写自己的WebSecurityConfig,例如:
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// Your own rules
}
}
答案 1 :(得分:-1)
如果要禁用临时Spring安全性,请在Spring主类中添加注释@SpringBootApplication(exclude = {SecurityAutoConfiguration.class})
@SpringBootApplication(exclude = {SecurityAutoConfiguration.class})
public class DemoApplication
{
public static void main(String[] args)
{
SpringApplication.run(DemoApplication.class, args);
}
}
另一种解决方案是通过扩展 课
@Configuration
@EnableWebSecurity
public class BasicConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
//customize the configs
}
}
最后,如果您的项目不需要安全性,请删除pom.xml文件中的spring安全性依赖项。