首页

access=“permitAll”和 filters=“none”之间的区别?

java spring spring-security
2022-09-02 09:42:15

以下是Spring Security petclinic示例的一部分:

<http use-expressions="true">
    <intercept-url pattern="/" access="permitAll"/>
    <intercept-url pattern="/static/**" filters="none" />
    <intercept-url pattern="/**" access="isAuthenticated()" />
    <form-login />
    <logout />
</http>

access=“permitAll”和 filters=“none”有什么区别?

网址: http://static.springsource.org/spring-security/site/petclinic-tutorial.html


答案 1

不同之处在于,为指定的URL禁用Spring Security过滤器,而不禁用过滤器配置授权。filters = "none"access = "permitAll"

在实践中,当它背后的资源需要Spring Security的某些功能时,可能会导致问题。例如,您不能将其用于在提交时执行编程登录的用户注册页面(用户授予的权限始终为:ROLE_ANONYMOUS?)。filters = "none"


答案 2

推荐
更多 »
标签
更多 »
php pass-by-reference optional-parameters default-value javascript arrays dom function string object serialization tostring visibility syntax jslint use-strict operators equality equality-operator identity-operator datetime timestamp date-arithmetic redirect angularjs loops foreach iteration scope variables
推荐
更多 »