0

Im new in Spring boot, and I got a task. I would like to give for example admin role from config for every user who visits the site. The users dont need to login.

Here is my idea: I get the anonymus user session and give the admin role to the session, but I dont know where and how to do that. Do you think its a working idea?

Here is my config:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .anonymous()
            .and()
            .authorizeRequests()
            .antMatchers("/**").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .httpBasic();

So its basically allow everyone to use every site but I would like to give them admin role as well. So where can I get the anonymus user's session and set the session role to admin if its a working ide?

Aladar
  • 1
  • 2
  • try looking at [How to check if user is logged in or anonymous in Spring Security](https://stackoverflow.com/questions/57053736/how-to-check-if-user-is-logged-in-or-anonymous-in-spring-security). – Alias Cartellano Jul 23 '22 at 18:36
  • Thank you, that was a helpful information. One more question. Should I write the updateauth method to a service? – Aladar Jul 23 '22 at 21:54

0 Answers0