只給出關鍵示例,代碼不全,驗證可用
重點是protected void configure(HttpSecurity http)方面裏面的路徑放行
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends WebSecurityConfigurerAdapter {
public AuthServerConfig(TokenEndpoint tokenEndpoint) {
tokenEndpoint.setOAuth2RequestValidator(new NonScopeOAuth2RequestValidator());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/actuator/**").permitAll()//不對springboot-admin監控的請求進行權限校驗
.antMatchers("/instances/**").permitAll()//不對springboot-admin監控的實例信息請求進行權限校驗
.anyRequest().authenticated().and().logout().disable();
}