|
|
@@ -69,7 +69,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
//.exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()// 当未登录访问资源时
|
|
|
// 请求授权
|
|
|
.authorizeRequests()// 不需要权限认证的url
|
|
|
- .antMatchers("/usernameLogin","/smsLogin", "/refreshToken",
|
|
|
+ .antMatchers("/usernameLogin","/smsLogin", "/refreshToken", "/*/usernameLogin", "/*/smsLogin",
|
|
|
"/getQRLoginCode","/pollingQRLoginCode","/v2/api-docs").permitAll()// 任何请求
|
|
|
.anyRequest()// 需要身份认证
|
|
|
.authenticated().and()// 关闭跨站请求防护
|
