产品供销存-后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
RuoYi
2023-01-11 c5915defe6a1ce21028f9c381e869ae47b8cd52b 
 src/main/java/com/ruoyi/framework/config/SecurityConfig.java


@@ -98,10 +98,12 @@


        // 注解标记允许匿名访问的url



        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();



        permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll());



 






        httpSecurity



                // CSRF禁用,因为不使用session



                .csrf().disable()



                // 禁用HTTP响应标头



                .headers().cacheControl().disable().and()



                // 认证失败处理类



                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()



                // 基于token,所以不需要session