JSF管理的库资源是从
/javax.faces.resource/**路径提供的。因此,您需要将该路径公开访问:
@Overrideprotected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); http.authorizeRequests() .antMatchers("/register", "/javax.faces.resource/**").permitAll() .antMatchers("/**").authenticated() .and().formLogin().loginPage("/login").permitAll() .usernameParameter("username").passwordParameter("password") .and().exceptionHandling().accessDeniedPage("/Access_Denied");}您可能还希望浏览器缓存这些资源。然后,将此片段添加到您的配置中,该配置为与的请求匹配的每个响应添加一个标头编写器
/javax.faces.resource/**:
http.headers() .addHeaderWriter(new DelegatingRequestMatcherHeaderWriter( new AntPathRequestMatcher("/javax.faces.resource/**"), new HeaderWriter() { @Override public void writeHeaders(HttpServletRequest request, HttpServletResponse response) { response.addHeader("Cache-Control", "private, max-age=86400"); } })) .defaultsDisabled();
