Maifee Ul Asad
Reputation: 4607
spring boot security doesn't let me access h2-console
I'm trying to implement JWT in Spring Boot. For some debugging purposes, I need an H2 console.
So in my WebSecurityConfiguration, I wrote :
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
//httpSecurity.headers().frameOptions().disable();
httpSecurity.authorizeRequests().antMatchers("/h2").permitAll();
httpSecurity
.csrf().disable()
.authorizeRequests()
.antMatchers("/auth/check/username").permitAll()
.antMatchers("/auth/signup").permitAll()
.antMatchers("/auth/login").permitAll()
.anyRequest().authenticated().and()
.exceptionHandling().and().sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
}
In my application properties, I have this configuration :
spring.h2.console.enabled=true
spring.h2.console.path=/h2
When I hit ":8080/h2", it gives me 403.
So the question remains, how can I properly configure Spring Boot Web Security.
After including /h2/**, I get this UI :
Upvotes: 0
Views: 2203
Answers (1)
shabbeer ahammad
Reputation: 184
Please try "h2" pattern as:
httpSecurity.authorizeRequests().antMatchers("/h2/**").permitAll();
And this too :
httpSecurity.headers().frameOptions().disable();
more can found here : How to disable 'X-Frame-Options' response header in Spring Security?
Upvotes: 5
Related Questions
- H2-Database console not opening with Spring-Security
- Spring Boot /h2-console throws 403 with Spring Security 1.5.2
- Spring boot: can't login h2 console
- H2 console and Spring Security - permitAll() not working
- H2 console Spring Boot not opening
- SpringBoot Accessing H2 console
- h2-console does not show up
- Not able to access Spring H2 Console
- enable h2 console with Spring Security
- Unable to login H2 console in spring application