slema imen

Reputation: 75

How to make a certain endpoint in Spring Security be allowed without authentication?

I'm developing an application using Spring Security.

    @Override
    public void configure(HttpSecurity http) throws Exception {

        // @formatter:off
        http.csrf().disable().authorizeRequests().antMatchers("/api/client/findByVariable?variable=").permitAll();
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().requestMatchers()
                .antMatchers("/api/**").and().authorizeRequests().antMatchers("/api/**")
                .access("#oauth2.hasScope('read') or (!#oauth2.isOAuth() and hasRole('USER'))");
        // @formatter:on
    }

How can I modify the above code so that the endpoint "/api/client/findByVariable?variable=" can be allowed to be accessed without requiring authentication, just as if there was no Spring Security? I tried adding the line:

    http.csrf().disable().authorizeRequests().antMatchers("/api/client/findByVariable?variable=").permitAll();

But it is not working.

Upvotes: 0

Views: 988

Answers (1)

James

Reputation: 12182

You can ignore endpoints by overriding the configure method that gives you a WebSecurity instance:

    @Override
    public void configure(WebSecurity web)
    {
        web.ignoring().antMatchers("/api/client/findByVariable");
    }

I'm not sure if you can also match by query params like /api/client/findByVariable?variable=*

Upvotes: 1
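
On the query-parameter point raised in the answer above, an added example that is not part of the original question or answer: ant patterns match the request path only, so the parameter is checked in a separate `RequestMatcher`, and the endpoint is opened with `permitAll()` inside the filter chain rather than removed from it. It assumes Spring Security 5.x with spring-security-oauth2 (implied by the `#oauth2` expressions in the question); the class name `PublicLookupResourceConfig` and the GET-only restriction are assumptions.

```java
import javax.servlet.http.HttpServletRequest;

import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

// Added example; the class name and the GET-only restriction are assumptions.
@Configuration
@EnableResourceServer
public class PublicLookupResourceConfig extends ResourceServerConfigurerAdapter {

    // Ant patterns are compared with the request path only; the query string
    // is never part of the match, so the parameter is checked separately.
    private static final RequestMatcher PUBLIC_LOOKUP = new RequestMatcher() {
        private final RequestMatcher path =
                new AntPathRequestMatcher("/api/client/findByVariable", HttpMethod.GET.name());

        @Override
        public boolean matches(HttpServletRequest request) {
            return path.matches(request) && request.getParameter("variable") != null;
        }
    };

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .requestMatchers().antMatchers("/api/**")
            .and()
            .authorizeRequests()
                // Rules are evaluated in declaration order and the first match wins,
                // so the public rule has to come before the /api/** rule.
                .requestMatchers(PUBLIC_LOOKUP).permitAll()
                .antMatchers("/api/**")
                    .access("#oauth2.hasScope('read') or (!#oauth2.isOAuth() and hasRole('USER'))");
    }
}
```

A request to the same path without the `variable` parameter, or with a method other than GET, falls through to the `/api/**` rule and still requires authentication. Because the request stays inside the filter chain, the other security filters still run for it, which is not the case for paths listed under `web.ignoring()`.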
