|
|
|
@ -35,7 +35,20 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
private JwtRequestFilter jwtRequestFilter; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private final String[] PERMITTED_URL = {"/api/acnt/**"}; |
|
|
|
|
private final String[] PERMITTED_URL = { |
|
|
|
|
"/api/acnt/**", |
|
|
|
|
/* swagger v2 */ |
|
|
|
|
"/v2/api-docs", |
|
|
|
|
"/swagger-resources", |
|
|
|
|
"/swagger-resources/**", |
|
|
|
|
"/configuration/ui", |
|
|
|
|
"/configuration/security", |
|
|
|
|
"/swagger-ui.html", |
|
|
|
|
"/webjars/**", |
|
|
|
|
/* swagger v3 */ |
|
|
|
|
"/v3/api-docs/**", |
|
|
|
|
"/swagger-ui/**" |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
@Autowired |
|
|
|
|
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { |
|
|
|
@ -64,6 +77,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|
|
|
|
.authorizeRequests() |
|
|
|
|
.antMatchers(HttpMethod.OPTIONS,"/api/**").permitAll() |
|
|
|
|
.antMatchers(HttpMethod.GET,"/ping").permitAll() |
|
|
|
|
.antMatchers("/swagger-ui/**").permitAll() |
|
|
|
|
.antMatchers(PERMITTED_URL).permitAll() |
|
|
|
|
// all other requests need to be authenticated
|
|
|
|
|
.anyRequest().authenticated().and() |
|
|
|
|