java - 授权路线

问题描述

我在使用 Spring Security 时遇到了一些问题。我在链过滤器中声明了一个给定的路由，就像授权一样

.antMatchers("/autorized/route/**").permitAll()

并且我有另一条未授权的路线，并且需要访问令牌，但是当我尝试访问授权路线时，我收到此错误：

org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:379)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:223)\
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124) 
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)

我遇到了同样的问题：

@Override
public void configure(WebSecurity web) throws Exception {
    web
        .ignoring()
            .antMatchers("/autorized/route/**")
            .antMatchers(HttpMethod.OPTIONS, "/**");
}

顺便说一下方法 rout 是：POST

有什么解释吗？

标签： javaspringspring-bootspring-security