From 9eb0139ed6a0e823a0863c8734278e620587627f Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Tue, 9 Oct 2018 14:09:28 +0300
Subject: security: allow anonymous SSE

---
 .../src/main/java/com/juick/server/configuration/SecurityConfig.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'juick-server/src/main')

diff --git a/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java b/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 42542810..5aa575ac 100644
--- a/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -97,7 +97,7 @@ public class SecurityConfig {
                     .authorizeRequests()
                     .antMatchers(HttpMethod.OPTIONS).permitAll()
                     .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",
-                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/rss/**").permitAll()
+                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/rss/**", "/api/events").permitAll()
                     .anyRequest().hasRole("USER")
                     .and()
                     .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
-- 
cgit v1.2.3