SpringBoot+SpringSecurity 不拦截静态资源的实现_Java教程

SpringBoot+SpringSecurity 不拦截静态资源的实现

2020-09-21 00:18南淮北安 Java教程

这篇文章主要介绍了SpringBoot+SpringSecurity 不拦截静态资源的实现，文中通过示例代码介绍的非常详细，对大家的学习或者工作具有一定的参考学习价值，需要的朋友们下面随着小编来一起学习学习吧

一、问题描述

在 SpringBoot 中加入 SpringSecurity 中之后，静态资源总是被过滤，导致界面很难看：

SpringBoot+SpringSecurity 不拦截静态资源的实现

目录结构：

SpringBoot+SpringSecurity 不拦截静态资源的实现

二、问题解决

正常不拦截资源，我查阅资料，基本都是重新 config 方法即可：

				?

									package org.yolo.securitylogin.config;

									import org.springframework.context.annotation.Bean;

									import org.springframework.context.annotation.Configuration;

									import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;

									import org.springframework.security.config.annotation.web.builders.HttpSecurity;

									import org.springframework.security.config.annotation.web.builders.WebSecurity;

									import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

									import org.springframework.security.crypto.password.NoOpPasswordEncoder;

									import org.springframework.security.crypto.password.PasswordEncoder;

									/**

									 * @Auther: Yolo

									 * @Date: 2020/9/12 13:05

									 * @Description:

									 */

									@Configuration

									public class SecurityConfig extends WebSecurityConfigurerAdapter {

									  @Bean

									  PasswordEncoder passwordEncoder() {

									    return NoOpPasswordEncoder.getInstance();

									  }

									  @Override

									  protected void configure(AuthenticationManagerBuilder auth) throws Exception {

									    //在内存中进行配置

									    auth.inMemoryAuthentication()

									        .withUser("yolo")

									        .password("123").roles("admin");

									  }

									  @Override

									  public void configure(WebSecurity web) throws Exception {

									    //web.ignoring().antMatchers("/static/js/**", "/static/css/**", "/static/images/**");

									    web.ignoring().antMatchers("/js/**", "/css/**","/images/**");

									  }

									  @Override

									  protected void configure(HttpSecurity http) throws Exception {

									    http.authorizeRequests()

									        .anyRequest().authenticated()

									        .and()

									        .formLogin()

									        .loginPage("/login.html")

									        .permitAll()//跟登录相关的页面统统放行

									        .and()

									        .csrf().disable()

									    ;

									  }

									}

常规方法是：

				?

									@Override

									  public void configure(WebSecurity web) throws Exception {

									    web.ignoring().antMatchers("/js/**", "/css/**","/images/**");

									  }