来源:SpringBoot框架课
问题:SpringBoot3下WebSecurityConfigurerAdapter被弃用
解决办法:
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeHttpRequests(
)
.requestMatchers("/user/account/token/", "/user/account/register/","/websocket/**").permitAll()
.requestMatchers("/pk/start/game/", "/pk/receive/bot/move/" ).access(hasIpAddress("127.0.0.1"))
.requestMatchers(HttpMethod.OPTIONS).permitAll()
.anyRequest().authenticated();
http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
private static AuthorizationManager<RequestAuthorizationContext> hasIpAddress(String ipAddress) {
IpAddressMatcher ipAddressMatcher = new IpAddressMatcher(ipAddress);
return (authentication, context) -> {
HttpServletRequest request = context.getRequest();
return new AuthorizationDecision(ipAddressMatcher.matches(request));
};
}
絮叨几句,太离谱了,被弃用之后全网都找不到平替方法,我把AcWing都翻遍了,把国内技术网站都翻遍了
不过终于在Stack Overflow找到了一位老哥和我一样的问题
最终总结并解决了问题
开源不死!开源社区yyds!