@Configuration
@EnableOAuth2Sso
public class webSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.
// 禁用 CSRF 跨站伪造请求,便于测试
csrf().disable()
// 验证所有请求
.authorizeRequests()
.anyRequest()
.authenticated()
//允许访问首页
.antMatchers("/","/login").permitAll()
.and()
// 设置登出URL为 /logout
.logout().logoutUrl("/logout").permitAll()
.logoutSuccessUrl("/")
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
来源: http://www.jianshu.com/p/03e515c2b43f