尝试这样的事情:
You should try this, may be it will help you:@Configuration@EnableWebSecurity@Profile("container")public class SOAPSecurityConfig extends WebSecurityConfigurerAdapter {@Autowiredprivate AuthenticationProvider authenticationProvider;@Autowiredprivate AuthenticationProvider authenticationProviderDB;@Override@Order(1)protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(authenticationProvider);}@Order(2)protected void ConfigureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(authenticationProviderDB);}@Override public void configure(WebSecurity web) throws Exception { web .ignoring() .antMatchers("/scripts/**","/styles/**","/images/**","/error/**"); }@Overridepublic void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/rest/**").authenticated() .antMatchers("/**").permitAll() .anyRequest().authenticated() .and() .formLogin() .successHandler(new AuthenticationSuccessHandler() { @Override public void onAuthenticationSuccess( HttpServletRequest request, HttpServletResponse response, Authentication a) throws IOException, ServletException { //To change body of generated methods, response.setStatus(HttpServletResponse.SC_OK); } }) .failureHandler(new AuthenticationFailureHandler() { @Override public void onAuthenticationFailure( HttpServletRequest request, HttpServletResponse response, AuthenticationException ae) throws IOException, ServletException { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); } }) .loginProcessingUrl("/access/login") .and() .logout() .logoutUrl("/access/logout") .logoutSuccessHandler(new LogoutSuccessHandler() { @Override public void onLogoutSuccess( HttpServletRequest request, HttpServletResponse response, Authentication a) throws IOException, ServletException { response.setStatus(HttpServletResponse.SC_NO_CONTENT); } }) .invalidateHttpSession(true) .and() .exceptionHandling() .authenticationEntryPoint(new Http403ForbiddenEntryPoint()) .and() .csrf()//Disabled CSRF protection .disable(); }}
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)