我想忽略所有帶有HttpMethod.GET的 URL，帶有 Post、Delete、Put 的 URL 需要進(jìn)行身份驗(yàn)證。我的網(wǎng)址是"/api/manga","/api/grupos","/api/autor","/genero","/api/pagina","/api/capitulo"PermitAll 不適用于 JWTFilter，如果刪除過濾器，則工作正常。如何忽略或允許所有網(wǎng)址HttpMethod.GET？需要?jiǎng)?chuàng)建單獨(dú)的 api 進(jìn)行身份驗(yàn)證？網(wǎng)絡(luò)安全配置@Configuration@EnableWebSecurity@EnableGlobalMethodSecurity(prePostEnabled = true)public class WebSecurityConfig extends WebSecurityConfigurerAdapter {    @Override    protected void configure(HttpSecurity http) throws Exception {        http.authorizeRequests()                .antMatchers(HttpMethod.GET, "/api/manga", "/api/grupos", "/api/autor", "/genero", "/api/pagina",                        "/api/capitulo")                .permitAll().anyRequest().fullyAuthenticated().and()                .addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class).httpBasic()                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf()                .disable();    }    @Override    public void configure(WebSecurity web) throws Exception {        web.ignoring().antMatchers("/favicon.ico", "/", "/index.html", "/registrar", "/autenticar", "/app/**");    }}JWT認(rèn)證過濾器public class JWTAuthenticationFilter extends GenericFilterBean {    private static final String AUTHORIZATION_HEADER = "Authorization";    private static final String AUTHORITIES_KEY = "roles";    @Override    public void doFilter(final ServletRequest req, final ServletResponse res,final FilterChain filterChain)            throws IOException, ServletException {              final HttpServletRequest request = (HttpServletRequest) req;               String authReader = request.getHeader(AUTHORIZATION_HEADER);        if (authReader == null || !authReader.startsWith("Bearer ")) {            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_UNAUTHORIZED, "invalido autorization");        }