spring-boot - Spring Security 在不登录的情况下显示 url

问题描述

在我的 Vaadin 应用程序中，我想使用 spring security 来保护一些页面。登录和注销功能都可以正常工作，但我想要的是当 vaadin 应用程序启动时，他应该仍然能够访问“注册视图类”。为此，我使用以下安全配置类。

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

private static final String LOGIN_PROCESSING_URL = "/login";
private static final String LOGIN_FAILURE_URL = "/login?error";
private static final String LOGOUT_SUCCESS_URL = "/login";

/**
 * Require login to access internal pages and configure login form.
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Not using Spring CSRF here to be able to use plain HTML for the login page
            http.csrf().disable()

                    // Register our CustomRequestCache, that saves unauthorized access attempts, so
                    // the user is redirected after login.
                    .requestCache().requestCache(new CustomRequestCache())

                    // Restrict access to our application.
                    .and().authorizeRequests()
                    .antMatchers("/", "/VAADIN/**", "/HEARTBEAT/**", "/UIDL/**", "/resources/**"
                            , "/registration", "registration", "/login/**", "/manifest.json", "/icons/**", "/images/**",
                            // (development mode) static resources
                            "/frontend/**",
                            // (production mode) static resources
                            "/frontend-es5/**", "/frontend-es6/**").anonymous()

                    // Allow all flow internal requests.
                    .requestMatchers(SecurityUtils::isFrameworkInternalRequest).permitAll()

                    // Allow all requests by logged in users.
                    .anyRequest().authenticated()
                                
                    // Configure the login page.
                    .and().formLogin().loginPage(LOGIN_PROCESSING_URL).permitAll().loginProcessingUrl(LOGIN_PROCESSING_URL)
                    .failureUrl(LOGIN_FAILURE_URL)

                    // Configure logout
                    .and().logout().logoutSuccessUrl(LOGOUT_SUCCESS_URL);
}

我的 RegistrationView 类如下所示

@Route(value = "registration", layout = MainView.class)
@RouteAlias(value = "registration", layout = MainView.class)
@CssImport("./styles/views/login/registration.css")
public class Registration extends Div {

private static final long serialVersionUID = -1223086666624645746L;

private TextField username;

private TextField email;

private PasswordField password;

private PasswordField password2;

private Button userRegistrationSubmitButton;

使用当前架构，无论我做什么，只要我启动我的应用程序，我就会被重定向到登录页面。我怎么能解决这个问题？提前致谢..

标签： spring-bootspring-securityvaadinvaadin10