I overrode the method in the SpringWebConfig and I want to give all pages of application only for admins.
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/*", "/**").hasRole("ADMIN"); }
When I try to open page http://localhost:8080/api/v1/skills/ without any authorization I have a correct result instead of 403. Maybe I’m wrong with my config? Full project https://github.com/Wismut/crud_developers
Advertisement
Answer
Add the following class inside config package
package ua.wismut.config; import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer; public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer { }