portal spring security config init bug

ea77e45b · shine.zhou · fbc41783 · ea77e45b
Commit ea77e45b authored Oct 24, 2017 by shine.zhou
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 3 deletions

AuthConfiguration.java ...rk/apollo/portal/spi/configuration/AuthConfiguration.java +2 -3

No files found.
--- a/apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/spi/configuration/AuthConfiguration.java
+++ b/apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/spi/configuration/AuthConfiguration.java
@@ -248,9 +248,8 @@ public class AuthConfiguration {
    protected void configure(HttpSecurity http) throws Exception {
      http.csrf().disable();
      http.headers().frameOptions().sameOrigin();
-      http.authorizeRequests()
-          .antMatchers("/openapi/*").permitAll()
-          .antMatchers("/*").hasAnyRole(USER_ROLE);
+      http.authorizeRequests().antMatchers("/openapi/**", "/vendor/**", "/styles/**", "/scripts/**", "/views/**", "/img/**").permitAll()
+      .antMatchers("/**").hasAnyRole(USER_ROLE);
      http.formLogin().loginPage("/signin").permitAll().failureUrl("/signin?#/error").and().httpBasic();
      http.logout().invalidateHttpSession(true).clearAuthentication(true).logoutSuccessUrl("/signin?#/logout");
      http.exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/signin"));