我在使用Spring Security时遇到了一些麻烦。我在链式过滤器中声明了给定的路线,就像经过授权的
.antMatchers("/autorized/route/**").permitAll()
并且我有另一条未授权的路由,并且需要访问令牌,但是当我尝试访问授权的路由时出现此错误:
org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:379)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:223)\
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
即使在以下情况下,我也遇到相同的问题:
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/autorized/route/**")
.antMatchers(HttpMethod.OPTIONS, "/**");
}
方法溃败的方式是: POST
有没有说明?