0
我有security-context.xml
:春securiyy:訪問被拒絕
<security:http auto-config="true" >
<security:intercept-url pattern="/user*" access="hasRole('REGISTERED_USER')"/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service id="userDetailsService">
<security:user password="password" name="user" authorities="REGISTERED_USER" />
<security:user password="password" name="manager" authorities="BOOKING_MANAGER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
正如預期的那樣,當我試圖訪問/user
我被重定向到login
。 但我希望在我登錄後授予訪問權限爲user/password
。它不會發生,我得到:
HTTP Status 403 - Access is denied.
什麼我理解錯了?