代码之家 › 专栏 › 技术社区 › Gabriel Vieira

为什么Sring无法解析“ExpressionInterceptUrlRegistry”中的方法“antMatchers”?

spring-security java

-3

Gabriel Vieira · 技术社区 · 11 月前

我试图在我的应用程序中配置Spring Security设置,但遇到了 antMatchers 方法在 WebSecurityConfiguration 班尝试使用时 鹿角匹配器 方法内 authorizeRequests ,我遇到一个编译错误,指出“无法解析'ExpressionInterceptUrlRegistry'中的方法'antMatchers'”。我试着参考YouTube视频、文档和社区论坛,但还没有找到解决方案。以下是我的配置:

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeRequests(authorize -> authorize
                .antMatchers("/api/cryptography").permitAll() // Allows access without authentication for POST only /api/cryptography
                .anyRequest().authenticated() // Require authentication for any other request
            )
            .httpBasic(withDefaults()); // Uses basic authentication HTTP

        return http.build();
    }
}

1 回复 | 直到 11 月前

J Asgarov 11 月前

您正试图使用旧的配置方式,对于Spring Security 6,您必须使用 requestMatchers :

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    http
            .authorizeHttpRequests(authorize -> authorize
                    .requestMatchers("/api/cryptography").permitAll() // Allows access without authentication for POST only /api/cryptography
                    .anyRequest().authenticated() // Require authentication for any other request
            )
            .httpBasic(withDefaults()); // Uses basic authentication HTTP

    return http.build();
}