antMatcher not working with antMatchers security config

By -

I am working on Spring Boot security config where I want one of the URL to be excluded from security filter.

URL format: URL/v1/btob/**.
To be excluded URL format: URL/v1/btob/icici/pay

Here's my configure method:

@Override
public void configure(HttpSecurity http) throws Exception {
     http
         .csrf().disable();
     http
         .sessionManagement()
             .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

     http
         .antMatcher("/v1/btob/**")
         .httpBasic()
             .and()
         .csrf().disable()
         .sessionManagement()#
             .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
             .and()
         .cors()
             .and()
         .authorizeRequests()
             .antMatchers(HttpMethod.POST, "/icici/pay").permitAll()
             .anyRequest().authenticated()
             .and()
         .addFilterBefore(btoBFilter, UsernamePasswordAuthenticationFilter.class);
}

@Override
public void configure(WebSecurity web) {

    web
       .ignoring()
           .antMatchers(HttpMethod.POST, "/v1/btob/icici/pay");
}

I did this but still the excluded URL goes in the filter. How to fix this? I even tried ignoring the URL globally in 2nd configure method but no help.



Comments

Post a Comment

Popular posts from this blog

Spring Elasticsearch Operations

By -
Elasticsearch Operations Spring Data Elasticsearch uses two interfaces to define the operations that can be called against an Elasticsearch index. These are ElasticsearchOperations and ReactiveElasticsearchOperations. Whereas the first is used with the classic synchronous implementations, the second one uses reactive infrastructure. The default implementations of the interfaces offer: Read/Write mapping support for domain types. A rich query and criteria api. Resource management and Exception translation. ElasticsearchTemplate The ElasticsearchTemplate is an implementation of the ElasticsearchOperations interface using the Transport Client. @Configuration public class TransportClientConfig extends ElasticsearchConfigurationSupport {   @Bean   public Client elasticsearchClient() throws UnknownHostException {                      Settings settings = Settings.builder().put("cluster.name", "elasticsearch")....
Read more

Object oriented programming concepts (OOPs)

By -
Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects". Re-usability is the main concept of Oops. There are few major principles of object-oriented paradigm. If any programming Language supports this principles that programming language called Object-oriented programming. Below are object oriented programming concepts : 1. Object        Read More about Object     http://theprogrammersfirst.blogspot.in/2016/07/java-object-concept.html
Read more

Spring Boot and Vaadin : Filtering rows in Vaadin Grid

By -
Adding a text field for filtering: Start by adding a text field above the grid. Remember, MainView is a VerticalLayout, so you need to add the text field before the grid. MainView.java public class MainView extends VerticalLayout {   private ContactService contactService;   private Grid<Contact> grid = new Grid<>(Contact.class);   private TextField filterText = new TextField(); ①   public MainView(ContactService contactService) {   this.contactService = contactService;   addClassName("list-view");   setSizeFull();   configureFilter(); ②   configureGrid();   add(filterText, grid); ③   updateList();   }   private void configureFilter() {   filterText.setPlaceholder("Filter by name..."); ④   filterText.setClearButtonVisible(true); ⑤   filterText.setValueChangeMode(ValueChangeMode.LAZY); ⑥   filterText.addValueChangeListener(e -> updateList()); ⑦   }   // Grid...
Read more