我自定义了登录接口/doLogin 为什么也会被springSecurity识别为未授权呢?
@Bean
LoginFilter loginFilter() throws Exception{
LoginFilter loginFilter = new LoginFilter();
loginFilter.setAuthenticationManager(authenticationManagerBean());
loginFilter.setAuthenticationSuccessHandler(loginSuccessHandler);
loginFilter.setFilterProcessesUrl("/doLogin");
return loginFilter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/doLogin").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("http://localhost:8080/login")
.and()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint)
.and()
.addFilterAt(loginFilter(),UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(apiFilter, UsernamePasswordAuthenticationFilter.class)
.csrf().disable();
}