antMatcher not working with antMatchers security config

I am working on Spring Boot security config where I want one of the URL to be excluded from security filter.

URL format: URL/v1/btob/**.
To be excluded URL format: URL/v1/btob/icici/pay

Here's my configure method:

@Override
public void configure(HttpSecurity http) throws Exception {
     http
         .csrf().disable();
     http
         .sessionManagement()
             .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

     http
         .antMatcher("/v1/btob/**")
         .httpBasic()
             .and()
         .csrf().disable()
         .sessionManagement()#
             .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
             .and()
         .cors()
             .and()
         .authorizeRequests()
             .antMatchers(HttpMethod.POST, "/icici/pay").permitAll()
             .anyRequest().authenticated()
             .and()
         .addFilterBefore(btoBFilter, UsernamePasswordAuthenticationFilter.class);
}

@Override
public void configure(WebSecurity web) {

    web
       .ignoring()
           .antMatchers(HttpMethod.POST, "/v1/btob/icici/pay");
}

I did this but still the excluded URL goes in the filter. How to fix this? I even tried ignoring the URL globally in 2nd configure method but no help.



Comments

Popular posts from this blog

Today Walkin 14th-Sept

Spring Elasticsearch Operations

Hibernate Search - Elasticsearch with JSON manipulation