| | |
|---|
| | | "/**/*.js" |
|---|
| | | ).permitAll() |
|---|
| | | .antMatchers(securityProperties.getAnonymous()).anonymous() |
|---|
| | | .antMatchers(securityProperties.getPermitAll()).permitAll() |
|---|
| | | // 除上面外的所有请求全部需要鉴权认证 |
|---|
| | | .anyRequest().authenticated() |
|---|
| | | .and() |
|---|
| | | .headers().frameOptions().disable(); |
|---|
| | | httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler); |
|---|
| | | httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler); |
|---|
| | | // 添加JWT filter |
|---|
| | | httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); |
|---|
| | | // 添加CORS filter |
|---|
