问题
I try to implement spring security, but I have many roles and privileges, then I want to add the roles dynamically to each other resources. Like it:
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//PageRequest p = new PageRequest(0, 1000);
List<RolePrivilegeConfig> rolePrivilegesConfig=rolePrivilegeConfigService.findAll();
for (RolePrivilegeConfig rolePrivilegeConfig : rolePrivilegesConfig) {
http.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers(rolePrivilegeConfig.getResource())
.access(rolePrivilegeConfig.getRoleName())
.anyRequest().authenticated();
} }
I have this error:
Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Can't configure antMatchers after anyRequest.
How can I put all matchers and call request after?
回答1:
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//PageRequest p = new PageRequest(0, 1000);
List<RolePrivilegeConfig> rolePrivilegesConfig=rolePrivilegeConfigService.findAll();
http.authorizeRequests()
.antMatchers("/login").permitAll();
for (RolePrivilegeConfig rolePrivilegeConfig : rolePrivilegesConfig) {
http.authorizeRequests()
.antMatchers(rolePrivilegeConfig.getResource())
.access(rolePrivilegeConfig.getRoleName());
}
http.authorizeRequests()
.anyRequest().authenticated();
}
来源:https://stackoverflow.com/questions/58420224/how-to-add-matchers-to-httpsecurity-spring-web-secure