#3 -- fix headers for h2

This commit is contained in:
Anton Romanov 2022-03-10 17:20:35 +04:00
parent 6132e00c5e
commit 2ac1b3f3c1
2 changed files with 3 additions and 5 deletions

Binary file not shown.

View File

@ -40,14 +40,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http.csrf() http.csrf().disable();
.disable(); http.headers().frameOptions().disable();
log.debug("Security enabled"); log.debug("Security enabled");
http.authorizeRequests() http.authorizeRequests()
.antMatchers("/").permitAll() .antMatchers("/").permitAll()
.antMatchers("/login").permitAll() .antMatchers("/login", "/index", "/news/*", "/h2-console/*", "/h2-console").permitAll()
.antMatchers("/index").permitAll()
.antMatchers("/news/*").permitAll()
.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN) .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()