BAEL-89 remove csrf disable

2016-11-05 17:35:46 +01:00 · 2016-11-05 17:35:46 +01:00 · 9938a1a0c7
parent 8daa90f3de
commit 9938a1a0c7
2 changed files with 1 additions and 3 deletions
--- a/spring-session/jetty-ex/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
+++ b/spring-session/jetty-ex/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
@ -16,7 +16,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                        .sessionManagement()
                                .sessionCreationPolicy(SessionCreationPolicy.NEVER)
                                .and()
-                        .authorizeRequests().anyRequest().hasRole("ADMIN").and()
-                        .httpBasic().disable();
+                        .authorizeRequests().anyRequest().hasRole("ADMIN").and();
        }
 }
--- a/spring-session/tomcat-ex/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
+++ b/spring-session/tomcat-ex/src/main/java/com/baeldung/spring/session/tomcatex/SecurityConfig.java
@ -22,7 +22,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        protected void configure(HttpSecurity http) throws Exception {
                http
                        .httpBasic().and()
-//                        .csrf().disable()
                        .authorizeRequests()
                                .antMatchers("/").permitAll()
                                .antMatchers("/tomcat").hasRole("USER")