Mapping resources in Spring Boot 2

Question

I am using Spring Boot 2.2.2.RELEASE for serving a web and want to allow the static contents of my page such as css for every user, also for unauthenticated ones.

As I understand, resources under static folder are mapped into the root so accessing localhost:8080/css/sobre.css I should access my css file. But instead I get redirected to the login page.

This is ok, I know that with Spring Boot 1.5, resources under static were permited by default, but that changed.

So, I am using a custom WebSecurityConfigurerAdapter to permit that paths, so it looks like:

    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/css/**").permitAll()
                .antMatchers("/login*").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .and()
                .logout()
                .logoutUrl("/perform_logout")
                .deleteCookies("JSESSIONID");
    }

But when I go to the page which has a link to the resource i get:

No mapping for GET /css/sobre.css

And defenetly mapping every resource into the actual file is not the right approach.

So I don't really know how to do this. What am I missing? I just want to:

 <link rel="stylesheet" href="/css/sobre.css" />

Thank you.

Answer 1

I had to do three things:

• Removing @EnableWebMvc from the main class.

• Adding a exception to that path in the Security adapter:

  @Override
  public void configure(WebSecurity web) {
      web.ignoring().antMatchers("/css/**");
  }
  

  OR with HttpSecurity:

  .antMatchers("/css/*").permitAll()
  

• In case your static folder is not called "static", setting the root path to the resources folder:

  spring.resource.static-locations= "classpath:/publicfiles/"