@Override
protected void configure(HttpSecurity http) throws Exception
{
http.authorizeRequests()
.antMatchers("/actuator/**","/instances/**").permitAll()//不对springboot-admin监控的请求进行权限校验
.and().
formLogin()
.loginPage("/base-login.html") //自定义的登录页面 **重要**
.loginProcessingUrl("/login") //原始的处理登录的URL,保持和base-login.html的form表单的action一致 **重要**
.permitAll() //放开 **重要**
.and()
.authorizeRequests().antMatchers(HttpMethod.OPTIONS,"/oauth/**","/login/**","/logout/**").authenticated()// **重要**
.and()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS,
"/oauth/*",
"/**/**/*.js",
"/token/**").permitAll()
.anyRequest().authenticated()
.and().csrf().disable();
}
spring-security-oauth2放行静态资源及心跳检查
猜你喜欢
转载自blog.csdn.net/u013008898/article/details/120093566
今日推荐
周排行