We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
后台资源配置通常不会包含server. servlet. context-path,如果配置该值会导致通过当前路径无法查询到所需的权限,建议在com.macro.mall.security.component.DynamicAuthorizationManager获取path时移除context-path.
server. servlet. context-path
com.macro.mall.security.component.DynamicAuthorizationManager
public AuthorizationDecision check(Supplier<Authentication> authentication, RequestAuthorizationContext requestAuthorizationContext) { HttpServletRequest request = requestAuthorizationContext.getRequest(); String path = request.getRequestURI().substring(request.getContextPath().length()); PathMatcher pathMatcher = new AntPathMatcher(); //白名单路径直接放行 List<String> ignoreUrls = ignoreUrlsConfig.getUrls(); for (String ignoreUrl : ignoreUrls) { if (pathMatcher.match(ignoreUrl, path)) { return new AuthorizationDecision(true); } } //权限校验逻辑 List<ConfigAttribute> configAttributeList = securityDataSource.getConfigAttributesWithPath(path); List<String> needAuthorities = configAttributeList.stream() .map(ConfigAttribute::getAttribute) .collect(Collectors.toList()); ... }
The text was updated successfully, but these errors were encountered:
No branches or pull requests
后台资源配置通常不会包含
server. servlet. context-path,如果配置该值会导致通过当前路径无法查询到所需的权限,建议在com.macro.mall.security.component.DynamicAuthorizationManager获取path时移除context-path.The text was updated successfully, but these errors were encountered: