@Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors().and()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
.antMatchers("/home/**")
.permitAll()
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.addFilterBefore(new JwtAuthenticationFilter(this.jwtProperties, authenticationManagerBean(), jwtTokenUtil), RequestCacheAwareFilter.class)
.addFilterBefore(new ExceptionHandlerFilter(), JwtAuthenticationFilter.class)
.authenticationProvider(jwtAuthenticationProvider())
.authenticationProvider(loginAuthenticationProvider());
}
使用了 permitAll 允许路径,但是/home/test请求仍然被拦截了