#3 -- fix headers for h2
This commit is contained in:
parent
6132e00c5e
commit
2ac1b3f3c1
BIN
data/db.mv.db
BIN
data/db.mv.db
Binary file not shown.
@ -40,14 +40,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf()
|
||||
.disable();
|
||||
http.csrf().disable();
|
||||
http.headers().frameOptions().disable();
|
||||
log.debug("Security enabled");
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/").permitAll()
|
||||
.antMatchers("/login").permitAll()
|
||||
.antMatchers("/index").permitAll()
|
||||
.antMatchers("/news/*").permitAll()
|
||||
.antMatchers("/login", "/index", "/news/*", "/h2-console/*", "/h2-console").permitAll()
|
||||
.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
|
Loading…
Reference in New Issue
Block a user