antMatchers that matches any beginning of path

by

You have to use absolute pattern, see AntPathMatcher:

Note: a pattern and a path must both be absolute or must both be relative in order for the two to match. Therefore it is recommended that users of this implementation to sanitize patterns in order to prefix them with “https://stackoverflow.com/” as it makes sense in the context in which they’re used.

Your modified and simplified configuration:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
        .csrf().disable()
        .authorizeRequests()
            .antMatchers(HttpMethod.POST, "/**/authenticate").permitAll()
            .antMatchers(HttpMethod.GET, "/**/get-public-key").permitAll()
            .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
            .anyRequest().authenticated();
}

More Related Contents:

  1. Spring Boot Security CORS
  2. Spring Boot CORS filter – CORS preflight channel did not succeed
  3. Prevent Spring Boot from registering a servlet filter
  4. How to get custom user info from OAuth2 authorization server /user endpoint
  5. Spring Security: mapping OAuth2 claims with roles to secure Resource Server endpoints
  6. How to use multiple login pages one for admin and the other one for user
  7. Spring Boot with embedded Tomcat behind Apache proxy
  8. Spring Boot: How to specify the PasswordEncoder?
  9. How to allow a User only access their own data in Spring Boot / Spring Security?
  10. How to configure CORS in a Spring Boot + Spring Security application?
  11. Filter invoke twice when register as Spring bean
  12. Spring Boot – Loading Initial Data
  13. Spring Boot not serving static content
  14. Spring Boot JPA – configuring auto reconnect
  15. How Spring Security Filter Chain works
  16. Disable all Database related auto configuration in Spring Boot
  17. How to use OAuth2RestTemplate?
  18. How to enable HTTP response caching in Spring Boot
  19. How to write a custom filter in spring security?
  20. Multiple WebSecurityConfigurerAdapter in spring boot for multiple patterns
  21. How to configure rolling file appender within Spring Boot’s application.yml
  22. Escaping a dot in a Map key in Yaml in Spring Boot
  23. Spring batch scope issue while using spring boot
  24. Spring Security 3.2 CSRF disable for specific URLs
  25. Configure Multiple MongoDB repositories with Spring Data Mongo
  26. How can I specify my .keystore file with Spring Boot and Tomcat?
  27. How to prevent Spring Boot daemon/server application from closing/shutting down immediately?
  28. With Spring Security 3.2.0.RELEASE, how can I get the CSRF token in a page that is purely HTML with no tag libs
  29. Spring – How to stream large multipart file uploads to database without storing on local file system [duplicate]
  30. With Spring Data REST, why is the @Version property becoming an ETag and not included in the representation?

Leave a Comment