我从Spring Boot 1.5.x升级=> 2.2.2,现在我的HttpSecurity无法正常工作。我无法访问/admin/login
(自定义登录页面)甚至/robots.txt
。我希望仅在/api/v2/*
上启用OAuth(并在/oauth/token
上启用HTTP基本认证)。它提供了XML错误页面
<oauth>
<error_description>
Full authentication is required to access this resource
</error_description>
<error>unauthorized</error>
</oauth>
我有
String[] securedPaths = new String[] {
"/api/v2/*"
};
@Override
public void configure(HttpSecurity http) throws Exception{
http.authorizeRequests()
.antMatchers(securedPaths).authenticated()
.and()
.httpBasic();
我尝试过
http.authorizeRequests()
.antMatchers(securedPaths).authenticated();
和
http.authorizeRequests()
.antMatchers(securedPaths).authenticated()
.antMatchers("/**").permitAll();
但这没用。