christoph/lecture-professional-software-development
1
Fork 0
Code Activity

Merge pull request #29 from hhu-propra2/adapt-spring-security-to-h2-console

Browse Source 
disable csrf + headers.frameoptions, permit /h2-console/**
This commit is contained in:
killerber4t
2020-03-05 14:09:35 +01:00
committed by GitHub
parent 3de9736719 3842ee1739
commit babac2279d
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/mops/gruppen2/security/SecurityConfig.java
View File

@ -61,12 +61,17 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
.hasRole("monitoring") .hasRole("monitoring")
.and() .and()
.authorizeRequests() .authorizeRequests()
.antMatchers("h2-console/**") .antMatchers("/h2-console/**")
.permitAll() .permitAll()
.anyRequest() .anyRequest()
.permitAll(); .permitAll();
http.csrf().disable();
http.headers().frameOptions().disable();
} }
/** /**
* Declaring this class enables us to use the Spring specific * Declaring this class enables us to use the Spring specific
* {@link org.springframework.security.access.annotation.Secured} annotation * {@link org.springframework.security.access.annotation.Secured} annotation