java - Unexpected Spring Boot auth behaviour -
i want secure endpoint except /register , /activate, next configuration not permit unauthenticated calls excluded endpoints. what's missing/wrong? compared several tutorials , code snippets not able find failure. have remove .anyrequest().authenticated() part able phone call 1 of 2 endpoints, other endpoints unsecured.
@configuration @enablewebmvcsecurity public class websecurityconfig extends websecurityconfigureradapter { @autowired private userdetailsservice userdetailsservice; @override protected void configure(httpsecurity http) throws exception { http .authorizerequests() .antmatchers("/register", "/activate").permitall() .anyrequest().authenticated() .and() .csrf().disable() .httpbasic(); } @autowired public void registerauthentication(authenticationmanagerbuilder auth) throws exception { auth.userdetailsservice(userdetailsservice); } } java spring spring-boot basic-authentication
No comments:
Post a Comment