Maksym Ivanov
Reputation: 35
Spring Security roles issue
I overrode the method in the SpringWebConfig and I want to give all pages of application only for admins.
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/*", "/**").hasRole("ADMIN");
}
When I try to open page http://localhost:8080/api/v1/skills/ without any authorization I have a correct result instead of 403. Maybe I'm wrong with my config? Full project https://github.com/Wismut/crud_developers
Upvotes: 0
Views: 37
Answers (1)
Osam
Reputation: 169
Add the following class inside config package
package ua.wismut.config;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
}
Upvotes: 1
Related Questions
- Spring security authorization not working though the roles provided correctly
- Spring Security Role Hierarchy not working using Java Config
- Spring Security don't change role
- How to fix role in Spring Security?
- Java Spring Security unrecognised roles
- Spring security 4 : Access denied on providing roles
- Spring security roles and permissions
- Spring Security access denied roles or what else?
- spring security roles issues
- Spring security roles