spring security 2.X导入依赖关闭验证

1.可以在启动类加上此注解，会关闭安全验证
@EnableAutoConfiguration(exclude = )
2.也可以写如以下类(二选一)

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
	 @Override
	    protected void configure(HttpSecurity http) throws Exception {
	        http
	            .authorizeRequests()
	                .antMatchers("/js/**", "/lib/**", "/css/**", "/data/**", "/image/**", "/pages/**").permitAll()//放行的路径
	           .and().csrf().disable().headers().frameOptions().sameOrigin().and()
	            .httpBasic()
	                .disable();
	    }

}

发现以上方式在webflux中失效，继更新webflux中的设置方式

package com.lj2508.image.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class WebSecurityConfig{
	 	@Bean
	    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
	 		http
            .authorizeExchange()
            .pathMatchers("/api/**").authenticated() //需要认证的请求
            .pathMatchers("/**/**").permitAll()  //无需进行权限过滤的请求路径
            .anyExchange().authenticated()
            .and()
            .httpBasic().and()
            .formLogin()
            //.loginPage("/loginPage")  //自定义的登陆页面
            ;
	        return http.build();
	    }

}