[Spring-Boot-Keycloak example] Allows preflight requests from browser (#15706)
This commit is contained in:
parent
b8a43f209c
commit
861e43470d
@ -7,6 +7,7 @@ import java.util.Set;
|
|||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.config.Customizer;
|
import org.springframework.security.config.Customizer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
@ -56,6 +57,9 @@ class SecurityConfig {
|
|||||||
@Bean
|
@Bean
|
||||||
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain resourceServerFilterChain(HttpSecurity http) throws Exception {
|
||||||
http.authorizeHttpRequests(auth -> auth
|
http.authorizeHttpRequests(auth -> auth
|
||||||
|
// Allows preflight requests from browser
|
||||||
|
.requestMatchers(new AntPathRequestMatcher("/customers*", HttpMethod.OPTIONS.name()))
|
||||||
|
.permitAll()
|
||||||
.requestMatchers(new AntPathRequestMatcher("/customers*"))
|
.requestMatchers(new AntPathRequestMatcher("/customers*"))
|
||||||
.hasRole("user")
|
.hasRole("user")
|
||||||
.requestMatchers(new AntPathRequestMatcher("/"))
|
.requestMatchers(new AntPathRequestMatcher("/"))
|
||||||
|
Loading…
x
Reference in New Issue
Block a user