I'm trying to diable authentication for a specific uri in my application, running the following curl command:
curl --header "content-type: application/soap+xml" -d @src/test/resources/xml-file https://localhost:5434/ws --insecure
At the moment it only works with:
curl -u *****:***** --header "content-type: application/soap+xml" -d @src/test/resources/xml-fike https://localhost:5434/ws --insecure
Here is my updated confifure method:
@Override
public void configure(HttpSecurity http) throws Exception{
http.anonymous()
.and()
.antMatcher("/ws");
http.authorizeRequests()
.antMatchers("/rest").access("hasRole('USER', 'ADMIN')")
.anyRequest()
.authenticated();
System.out.println("applying anomyous to ws, and auth for rest");
}
This solution is based on the similar post I have found on stack so far, although when i run the desired curl command, I don't get any output. I still need authentication for my "/rest" uri. User credentials are initialized in the following way:
@Configuration
public class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {
// overides deafult password, here you can add additional users
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("*******").password("*****").roles("USER")
.and()
.withUser("*******").password("******").roles("USER", "ADMIN");
System.out.println("global configurer finished");
}
}
Some of the posts i have looked at: How to disable spring security for particular url Spring Security exclude url patterns in security annotation configurartion
I updated configure method with, but still not getting the desired output.
public void configure(HttpSecurity http) throws Exception{
http.
.antMatchers("/ws")
.permitAll()
.anonymous();
}
So I'm trying add this method, but it requires additional methods. But I don't know what to add.
