gpt4 book ai didi

java - Spring 安全OAuth2 : permitAll() doesn't work for me (HTTP 401 for unprotected endpoins)

转载 作者:行者123 更新时间:2023-12-02 02:06:09 25 4
gpt4 key购买 nike

我必须在一堆未答复的帖子中添加另一篇帖子来表明同样的问题。我正在使用 Spring Boot 2.1.6.RELEASE 和 spring-security-oauth2 2.1.5.RELEASE。我有以下资源配置:

@Configuration
public class RdfResourceServerConfig extends ResourceServerConfigurerAdapter
{
@Override
public void configure(HttpSecurity httpSecurity) throws Exception
{
httpSecurity
.csrf().disable()
.authorizeRequests().antMatchers("/, /**/test/**").permitAll()
.and().authorizeRequests().anyRequest().authenticated();
}
}

基于此配置,我期望 GET 位于 http://localhost:8080/.../test/是允许的,但它返回 HTTP 401:

{
"error": "unauthorized",
"error_description": "Full authentication is required to access this resource"
}

当然,我的应用程序类声明了所有必需的注释:

@SpringBootApplication
@EnableResourceServer
public class ReferenceDataFactoryApplication extends SpringBootServletInitializer
{
public static void main(String[] args)
{
SpringApplication.run(ReferenceDataFactoryApplication.class, args);
}

@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder builder)
{
return builder.sources(ReferenceDataFactoryApplication.class);
}
...
}

非常感谢您让我知道我做错了什么。

亲切的问候,

尼古拉斯

最佳答案

如注释中所述“/,/**/test/**” 不是有效模式。 AntMatcher 每次方法调用采用 1 个字符串模式。

.antMatcher(”/”)
.antMatcher(”/**/test/**”)

关于java - Spring 安全OAuth2 : permitAll() doesn't work for me (HTTP 401 for unprotected endpoins),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57356487/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com