#I8I2EW 修复@PermitAll注解失效问题,
原因:@PermitAll注解方法的@RequestMapping未指定method时,PermitAll配置不生效, 解决方案:未指定method时将4个请求方法均加入result 结果pull/67/head
parent
522ab17902
commit
7fd2ef7e8a
|
@ -17,6 +17,7 @@ import org.springframework.security.web.AuthenticationEntryPoint;
|
|||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.access.AccessDeniedHandler;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.method.HandlerMethod;
|
||||
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
||||
|
@ -160,8 +161,16 @@ public class YudaoWebSecurityConfigurerAdapter {
|
|||
continue;
|
||||
}
|
||||
Set<String> urls = entry.getKey().getPatternsCondition().getPatterns();
|
||||
//未指定请求方法则将4个Restful方法均添加到 result 结果
|
||||
Set<RequestMethod> methods = entry.getKey().getMethodsCondition().getMethods();
|
||||
if (methods.isEmpty()) {
|
||||
result.putAll(HttpMethod.GET, urls);
|
||||
result.putAll(HttpMethod.POST, urls);
|
||||
result.putAll(HttpMethod.PUT, urls);
|
||||
result.putAll(HttpMethod.DELETE, urls);
|
||||
}
|
||||
// 根据请求方法,添加到 result 结果
|
||||
entry.getKey().getMethodsCondition().getMethods().forEach(requestMethod -> {
|
||||
methods.forEach(requestMethod -> {
|
||||
switch (requestMethod) {
|
||||
case GET:
|
||||
result.putAll(HttpMethod.GET, urls);
|
||||
|
|
Loading…
Reference in New Issue