From f64b1586b1c146129077e238c03ad4549b5b6f54 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 21 Sep 2018 09:52:58 +0300 Subject: security: /ws/** urls should be ignored --- .../main/java/com/juick/server/configuration/SecurityConfig.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'juick-server') diff --git a/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java b/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java index 10f5a40b..23e2a4e6c 100644 --- a/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java +++ b/juick-server/src/main/java/com/juick/server/configuration/SecurityConfig.java @@ -97,7 +97,7 @@ public class SecurityConfig { .authorizeRequests() .antMatchers(HttpMethod.OPTIONS).permitAll() .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk", - "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/u/**", "/.well-known/webfinger", "/ws/**", "/rss/**").permitAll() + "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/u/**", "/.well-known/webfinger", "/rss/**").permitAll() .anyRequest().hasRole("USER") .and() .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY) @@ -207,9 +207,9 @@ public class SecurityConfig { .headers().defaultsDisabled().cacheControl(); } @Override - public void configure(WebSecurity web) throws Exception { + public void configure(WebSecurity web) { web.debug(false); - web.ignoring().antMatchers("/style.css*", "/scripts.js*", "/h2-console/**", "/.well-known/**"); + web.ignoring().antMatchers("/style.css*", "/scripts.js*", "/h2-console/**", "/.well-known/**", "/ws/**"); } } } -- cgit v1.2.3