java - How to allow specific requests when using spring-security -


i've scenario need let request (let's request method get) no 401 error can thrown.

below spring security configuration:

@configuration @enablewebsecurity public class securityconfiguration extends websecurityconfigureradapter {       @override     public void configure(websecurity web) throws exception {          web.ignoring()                 .antmatchers("/bower_components/**")                 .antmatchers("/fonts/**")                 .antmatchers("/images/**")                 .antmatchers("/scripts/**")                 .antmatchers("/styles/**")                 .antmatchers("/views/**")                 .antmatchers("/i18n/**")                 .antmatchers("/swagger-ui/**")                 .antmatchers("/app/rest/register")                 .antmatchers("/app/rest/activate");     } } 

and resourceserverconfigureradapter implementation:

how can allow requests?

there method called requestmatchers can call 1 or more requestmatcher implementaions.

public void configure(httpsecurity http){     .....      web.ignoring().requestmatchers(new methodtyperequestmatcher(requestmethod.get));     .....  } 

and can define implementation:

public class methodrequestmatcher implements requestmatcher {     private requestmethod method;      public methodrequestmatcher(requestmethod method) {         this.method = method;     }      @override     public boolean matches(httpservletrequest request) {         if (method == null) {             return false;         }         return request.getmethod().equals(method.name());      } } 

Comments

Popular posts from this blog

matlab - "Contour not rendered for non-finite ZData" -

delphi - Indy UDP Read Contents of Adata -

javascript - Any ideas when Firefox is likely to implement lengthAdjust and textLength? -