#I8I2EW 修复@PermitAll注解失效问题,
原因:@PermitAll注解方法的@RequestMapping未指定method时,PermitAll配置不生效, 解决方案:未指定method时将4个请求方法均加入result 结果pull/67/head
parent
522ab17902
commit
7fd2ef7e8a
|
@ -17,6 +17,7 @@ import org.springframework.security.web.AuthenticationEntryPoint;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.access.AccessDeniedHandler;
|
import org.springframework.security.web.access.AccessDeniedHandler;
|
||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
|
import org.springframework.web.bind.annotation.RequestMethod;
|
||||||
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.method.HandlerMethod;
|
||||||
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
||||||
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
||||||
|
@ -160,8 +161,16 @@ public class YudaoWebSecurityConfigurerAdapter {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
Set<String> urls = entry.getKey().getPatternsCondition().getPatterns();
|
Set<String> urls = entry.getKey().getPatternsCondition().getPatterns();
|
||||||
|
//未指定请求方法则将4个Restful方法均添加到 result 结果
|
||||||
|
Set<RequestMethod> methods = entry.getKey().getMethodsCondition().getMethods();
|
||||||
|
if (methods.isEmpty()) {
|
||||||
|
result.putAll(HttpMethod.GET, urls);
|
||||||
|
result.putAll(HttpMethod.POST, urls);
|
||||||
|
result.putAll(HttpMethod.PUT, urls);
|
||||||
|
result.putAll(HttpMethod.DELETE, urls);
|
||||||
|
}
|
||||||
// 根据请求方法,添加到 result 结果
|
// 根据请求方法,添加到 result 结果
|
||||||
entry.getKey().getMethodsCondition().getMethods().forEach(requestMethod -> {
|
methods.forEach(requestMethod -> {
|
||||||
switch (requestMethod) {
|
switch (requestMethod) {
|
||||||
case GET:
|
case GET:
|
||||||
result.putAll(HttpMethod.GET, urls);
|
result.putAll(HttpMethod.GET, urls);
|
||||||
|
|
Loading…
Reference in New Issue