正在try 配置JWT配置.看来JWT已经过时了.我现在怎么用OAuth2ResourceServerConfigurer::jwt
?
我的代码是:
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((requests) -> requests.anyRequest().authenticated());
http.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
//http.formLogin(withDefaults());
http.httpBasic(Customizer.withDefaults());
http.csrf(csrf -> csrf.disable());
http.headers(headers -> headers.frameOptions(frameOptionsConfig -> frameOptionsConfig.sameOrigin()));
http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
return http.build();
}
此外,在Spring Security6.0中,antMatchers()
以及其他用于保护请求的配置方法(即mvcMatchers()
和regexMatchers()
)已经从API中删除.