我认为这在 xml 配置中很容易,但是当我现在使用 java 代码配置时,我迷路了,所以谁能告诉我如何配置 spring security 以允许对静态资源目录进行非安全检查?
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests().antMatchers(actuatorEndpoints()).hasRole(backendAdminRole)
.and()
.authorizeRequests().antMatchers(apiEndpoints()).hasRole(frontendUserRole)
***//what code can I add here to make static directory/recourse not checked by spring security?***
.anyRequest().authenticated()
.and().anonymous().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedEntryPoint());
;
}
非常感谢你的好意首先