Multiple WebSecurityConfigurerAdapter in spring boot for multiple patterns

by

To use multiple WebsecurityConfigurerAdapter, you need restrict them to specific URL patterns using RequestMatcher.

In your case you can set a higher priority for ActuatorSecurityConfig and limit it only to actuator endpoints: 

@Order(-1)
@Configuration
public class ActuatorSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .requestMatchers().antMatchers("/actuator/**")
                .and()
                .authorizeRequests().anyRequest().hasRole("ADMIN")
                .and()
                .httpBasic();
    }
}

More Related Contents:

  1. Filter invoke twice when register as Spring bean
  2. Spring security CORS Filter
  3. How to disable ‘X-Frame-Options’ response header in Spring Security?
  4. How to enable HTTP response caching in Spring Boot
  5. HttpSecurity, WebSecurity and AuthenticationManagerBuilder
  6. Spring Security 5 : There is no PasswordEncoder mapped for the id “null”
  7. Securing Spring Boot API with API key and secret
  8. Spring Security HTTP Basic for RESTFul and FormLogin (Cookies) for web – Annotations
  9. How do I disable resolving login parameters passed as url parameters / from the url
  10. How do I add method based security to a Spring Boot project?
  11. What does Cookie CsrfTokenRepository.withHttpOnlyFalse () do and when to use it?
  12. disabling spring security in spring boot app [duplicate]
  13. Disabling a filter for only a few paths
  14. Spring Boot Configure and Use Two DataSources
  15. How can I log SQL statements in Spring Boot?
  16. When using Spring Security, what is the proper way to obtain current username (i.e. SecurityContext) information in a bean?
  17. Spring Boot Adding Http Request Interceptors
  18. POSTing a @OneToMany sub-resource association in Spring Data REST
  19. How to disable spring security for particular url
  20. Can a spring boot @RestController be enabled/disabled using properties?
  21. Is it possible with Spring Boot to serve up JSPs with a JAR packaging?
  22. How to configure embedded Tomcat integrated with Spring to listen requests to IP address, besides localhost?
  23. java.lang.NoClassDefFoundError: org/springframework/core/env/ConfigurableEnvironment
  24. Unit testing with Spring Security
  25. spring web, security + web.xml + mvc dispatcher + Bean is created twice
  26. How to specify prefix for all controllers in Spring Boot?
  27. Spring Boot access static resources missing scr/main/resources
  28. bootstrap.yml configuration not processed anymore with Spring Cloud 2020.0
  29. How to modify request body before reaching controller in spring boot
  30. Spring Boot – Reading Text File using ResourceLoader

Leave a Comment