最近使用springboot、security、druid做个项目的时候,登录druid监控页面时,刚开始集成完成后可以正常登陆,在项目做完后登录的时候发现无法登陆,输入用户名和密码admin,admin,点击sign in,怎么点都没反应,使用浏览器F12查看控制台信息,发现点击sign in时候,打印如下错误
解决方法 https://blog.csdn.net/juan0728juan/article/details/79624676
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/").permitAll()
.antMatchers("/hello").hasRole("USER").and()
//.csrf().disable() //关闭CSRF
.csrf().requireCsrfProtectionMatcher(new RequestMatcher() {
//放行这几种请求
private Pattern allowedMethods = Pattern.compile("^(GET|HEAD|TRACE|OPTIONS)$");
//放行rest请求,当然后面rest与web将会分开,到时这里可以删除
private RegexRequestMatcher unprotectedMatcher = new RegexRequestMatcher("^/rest/.*", null);
@Override
public boolean matches(HttpServletRequest request) {
if(allowedMethods.matcher(request.getMethod()).matches()){
return false;
}
String servletPath = request.getServletPath();
if (servletPath.contains("/druid")) {
return false;
}
return !unprotectedMatcher.matches(request);
}
}).and()
.formLogin().loginPage("/login").defaultSuccessUrl("/hello").and()
.logout().logoutUrl("/logout").logoutSuccessUrl("/login");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}