产品供销存-后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
RuoYi
2022-12-07 e7bdc0900d94ffb6eb553a89418daa87b8995da4 
 src/main/java/com/ruoyi/framework/config/SecurityConfig.java


@@ -98,10 +98,12 @@


        // 注解标记允许匿名访问的url



        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();



        permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll());



 






        httpSecurity



                // CSRF禁用,因为不使用session



                .csrf().disable()



                // 禁用HTTP响应标头



                .headers().cacheControl().disable().and()



                // 认证失败处理类



                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()



                // 基于token,所以不需要session