skyman
Reputation: 2335
Spring 4 Restful Security
I have just been experimenting with Spring 4 security. I am using the following method to map the secured endpoints:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/hello/*").hasRole("ADMIN")
.antMatchers(HttpMethod.GET, "/hello/**").hasRole("ADMIN")
.and()
.httpBasic()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
It occurred to me that if I had a lot of endpoints that the .antMatchers structure could become cumbersome.
Just curious to know if there is an alternative approach that may be more "manageable" - I guess this is a bit subjective?
Upvotes: 0
Views: 34
Answers (1)
Naresh
Reputation: 3179
I can suggest to have a method to just add the ant matchers. May be a Map for the path to role mapping and feed the map into that method to add the matchers.
Upvotes: 1
Related Questions
- What is difference between CrudRepository and JpaRepository interfaces in Spring Data JPA?
- What's the difference between @Component, @Repository & @Service annotations in Spring?
- How to configure port for a Spring Boot application
- Customize Spring Security for trusted space
- Security configuration with Spring-boot
- Spring boot security consider case insensitive username check for login