您好。我想知道如何阻止已经通过身份验证的用户访问注册页面
现在我的配置如下:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/registration").permitAll()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/hello")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/hello")
.permitAll();
}
您可以直接在控制器中编写if条件来访问登录页面如下代码
@GetMapping("/login")
public String loginPage(Model model) {
User user = new User();
model.addAttribute("user", user);
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || authentication instanceof AnonymousAuthenticationToken) {
return "/login";
}
return "redirect:/";
}