gushen/template-springboot-hucky
1
0
Fork 4
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 防止 Security 影响 Cors 配置

Browse Source
This commit is contained in:
gushen610140
2025-12-21 03:04:40 +08:00
parent cafd2708b4
commit 9395d8d2c9
1 changed files with 16 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/main/java/icu/sunway/ai_spring_example/Config/SecurityConfig.java
View File

@@ -11,23 +11,21 @@ import org.springframework.security.web.SecurityFilterChain;
@EnableWebSecurity @EnableWebSecurity
public class SecurityConfig { public class SecurityConfig {
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
// 启用跨域配置 // 禁用默认的登录表单和HTTP基本认证
.cors(cors -> cors.configurationSource( .formLogin(form -> form.disable())
request -> new org.springframework.web.cors.CorsConfiguration().applyPermitDefaultValues())) .httpBasic(basic -> basic.disable())
// 禁用默认登录表单和HTTP基本认 // 允许所有请求通过,取消默认登录
.formLogin(form -> form.disable()) .authorizeHttpRequests((authz) -> authz
.httpBasic(basic -> basic.disable()) .anyRequest().permitAll())
// 允许所有请求通过,取消默认登录验证 // 禁用CSRF保护
.authorizeHttpRequests((authz) -> authz .csrf(csrf -> csrf.disable())
.anyRequest().permitAll()) // 设置会话创建策略为无状态
// 禁用CSRF保护 .sessionManagement(session -> session
.csrf(csrf -> csrf.disable()) .sessionCreationPolicy(SessionCreationPolicy.STATELESS));
// 设置会话创建策略为无状态
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
return http.build(); return http.build();
} }
} }