我有一个Spring MVC控制器,并希望通过Spring Method Security来保护它。
在下面的例子它的工作原理 - @RequestMapping
和@PreAuthorize
注释相同的方法:Spring Security:@PreAuthorize仅与@RequestMapping一起使用
@Controller
public class MyController {
@RequestMapping(value = "/test", method = {RequestMethod.POST, RequestMethod.GET})
@PreAuthorize("isAuthenticated()")
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
return test(request, response);
}
public ModelAndView test(HttpServletRequest request, HttpServletResponse response) throws Exception {
...
}
在这个例子中它不工作 - @RequestMapping
和@PreAuthorize
注释不同的方法:
@Controller
public class MyController {
@RequestMapping(value = "/test", method = {RequestMethod.POST, RequestMethod.GET})
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
return test(request, response);
}
@PreAuthorize("isAuthenticated()")
public ModelAndView test(HttpServletRequest request, HttpServletResponse response) throws Exception {
...
}
什么可能是这个奇怪的原因b ehaviour?
http://stackoverflow.com/a/19421786/1291150 –
谢谢你 - 这有助于! – olivmir