在springsecurity中如果不设置配置文件它就有可能什么都拦截，包括静态文件和JS等，这次我们就来看看springsecurity如何设置不拦截静态页面。

解决方法一：

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
    @Bean
    UserDetailsService customUserService()
    {
        return new CustomUserService();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception
    {
        auth.userDetailsService(customUserService());
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception
    {
        http.authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .failureForwardUrl("/login?error")
            .permitAll()
            .and()
            .logout()
            .permitAll();
    }
    @Override
    public void configure(WebSecurity web) throws Exception
    {
        //解决静态资源被拦截的问题
        web.ignoring()
            .antMatchers("/css/**");
    }
}

解决方法二：

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
    @Bean
    UserDetailsService customUserService()
    {
        return new CustomUserService();
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception
    {
        auth.userDetailsService(customUserService());
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception
    {
        http.authorizeRequests()
            .antMatchers("/css/**")
            .permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .failureForwardUrl("/login?error")
            .permitAll()
            .and()
            .logout()
            .permitAll();
    }
}

以上就是本篇文章的所有内容，小伙伴们都会了吗?有关java架构师更多内容请持续关注我们了解噢。

推荐阅读：

springsecurity权限控制的原理是如何实现的?

springsecurity面试题常见有哪些?

springsecurity两套登陆规则是什么?springsecurity详解