SpringBoot安全-未经授权的URL

我有这个SpringBoot安全配置:

  @Override
        protected void configure(HttpSecurity http) throws Exception {


            http
                    .authorizeRequests()
                    .antMatchers(HttpMethod.PUT, "/api/**").permitAll()
                    .antMatchers(publicMatchers()).permitAll()
                    .anyRequest().authenticated()
                    .and()
                    .formLogin().loginPage("/login").defaultSuccessUrl("/book/list")
                    .failureUrl("/login?error").permitAll()
                    .and()
                    .logout().permitAll();
        }

 private String[] publicMatchers() {

         /** Public URLs. */
        final String[] PUBLIC_MATCHERS = {
                "/webjars/**",
                serverContextPath + "/css/**",
                serverContextPath + "/js/**",
                serverContextPath + "/fonts/**",
                serverContextPath + "/images/**",                
                "/api/**",
                serverContextPath ,
                "/",
                "/error/**/*",
                "/console/**",
                ForgotMyPasswordController.FORGOT_PASSWORD_URL_MAPPING,
                ForgotMyPasswordController.CHANGE_PASSWORD_PATH,
                SignupController.SIGNUP_URL_MAPPING
        };

        return PUBLIC_MATCHERS;

    }

期望此URL http://localhost:5678/pradera/api/users/fcm (使用PUT方法),将是公开的,但当我在Postman上测试它时,Ii会将我重定向到登录页面

关于publicMatchers()方法,我也有 "/api/**", 这似乎对通话有效 http://localhost:5678/pradera/api/deviceevent/list (获取)