#3 -- fix headers for h2

This commit is contained in:
Anton Romanov 2022-03-10 17:20:35 +04:00
parent 6132e00c5e
commit 2ac1b3f3c1
2 changed files with 3 additions and 5 deletions

Binary file not shown.

View File

@ -40,14 +40,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf()
.disable();
http.csrf().disable();
http.headers().frameOptions().disable();
log.debug("Security enabled");
http.authorizeRequests()
.antMatchers("/").permitAll()
.antMatchers("/login").permitAll()
.antMatchers("/index").permitAll()
.antMatchers("/news/*").permitAll()
.antMatchers("/login", "/index", "/news/*", "/h2-console/*", "/h2-console").permitAll()
.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
.anyRequest().authenticated()
.and()