我使用Spirng Security进行授权。从主站点我有两个链接 - 一个是注册用户的登录表单,第二个是用户将以访客身份登录的页面。我无法找到解决方案如何登录作为具有Spring安全性的访客(没有任何密码可以输入但仍然以GUEST ROLE身份登录。在WebSecurityConfigurerAdapter类中是否有某些内容需要更改或者我必须以某种方式添加用户名和密码" GUEST"在POST方法中发送给授权?
WebSecurityConfigurerAdapter
@Configuration
@EnableWebSecurity
public class ConsumingRestAppSecurityConfig extends WebSecurityConfigurerAdapter {@Autowired
private DataSource securityDataSource;
@Autowired
private SimpleAuthenticationSuccessHandler successHandler;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(securityDataSource);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/loggedIn/guest").hasRole("GUEST")
.antMatchers("/loggedIn/user").hasRole("USER")
.antMatchers("/loggedIn/admin").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.successHandler(successHandler)
.loginPage("/logginProcess/login-page")
.loginProcessingUrl("/logginProcess/authenticateTheUser")
.permitAll()
.and()
.logout()
.permitAll()
.and()
.exceptionHandling()
.accessDeniedPage("/home/access-denied");
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/home/**", "/");
}}