Spring security permit a url

Question

I have implemented a Rest api using spring and used Spring security for securing the api, my security config code is :

http
     .authorizeRequests()
     .anyRequest().authenticated()
     .and()
     .requestCache()
     .requestCache(new NullRequestCache())
     .and()
     .httpBasic();

this code will authenticate all the urls but I want to permit a specific url for anonymous users to sign-up in my application so I did change the security config to below code :

http
     .authorizeRequests()
     .antMatchers("/signup").permitAll()
     .antMatchers("/**").authenticated()
     .and()
     .requestCache()
     .requestCache(new NullRequestCache())
     .and()
     .httpBasic();

but I still needs to be authenticated to access the /signup request call. How can I permit just some request calls in my api?

Follow this links should solve your issue: https://stackoverflow.com/questions/30366405/how-to-disable-spring-security-for-particular-url — Abu Sufian, Jun 05 '17 at 15:40

score 2 · Accepted Answer · answered Jun 05 '17 at 16:04

I should Override configure method with WebSecurity parameter and use the following code to ignore the /signup request.

@Override
public void configure(WebSecurity web) throws Exception {
    super.configure(web);
    web.ignoring().antMatchers("/signup");
}

Spring security permit a url

1 Answers1