I created a custom Spring Security filter chain, and I want to exclude URLs beginning with "/health".
Here is my filter configuration:
    @Override
    public void configure(WebSecurity web) throws Exception {
        web
            .ignoring()
            .antMatchers("/health");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .exceptionHandling()
            .authenticationEntryPoint(ssoEntryPoint());

        http
            .authorizeRequests()
            .antMatchers("/images/**").permitAll()
            .antMatchers("/scripts/**").permitAll()
            .antMatchers("/styles/**").permitAll()
            .antMatchers("/vendor/**").permitAll()
            .antMatchers("/views/**").permitAll()
            .antMatchers("/index.html").permitAll()
            .antMatchers("/api/**").authenticated();

        // login configuration
        http
            .addFilterAfter(ssoSpringSecurityFilter(), BasicAuthenticationFilter.class);

        // logout configuration
        http
            .logout()
            .logoutSuccessHandler(logoutHandler());

        http.csrf().disable();
    }
When I start the application, I have this trace:
    2016-01-29 12:59:23.729 info 10572 --- [ost-startstop-1] o.s.s.web.defaultsecurityfilterchain : creating filter chain: ant [pattern='/health'], []
    2016-01-29 12:59:23.814 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/images/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/modules/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/scripts/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/styles/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/vendor/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/views/**']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'permitall', ant [pattern='/index.html']
    2016-01-29 12:59:23.816 debug 10572 --- [ost-startstop-1] edfilterinvocationsecuritymetadatasource : adding web access control expression 'authenticated', ant [pattern='/api/**']
When I invoke my service with the URL:
https://localhost:9999/health
I have this stack trace:
    2016-01-29 13:05:34.076 info 10572 --- [nio-9999-exec-4] o.a.c.c.c.[tomcat].[localhost].[/] : initializing spring frameworkservlet 'dispatcherservlet'
    2016-01-29 13:05:34.076 info 10572 --- [nio-9999-exec-4] o.s.web.servlet.dispatcherservlet : frameworkservlet 'dispatcherservlet': initialization started
    2016-01-29 13:05:34.121 info 10572 --- [nio-9999-exec-4] o.s.web.servlet.dispatcherservlet : frameworkservlet 'dispatcherservlet': initialization completed in 45 ms
    2016-01-29 13:05:34.136 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/css/**'
    2016-01-29 13:05:34.136 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/js/**'
    2016-01-29 13:05:34.136 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/images/**'
    2016-01-29 13:05:34.137 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/**/favicon.ico'
    2016-01-29 13:05:34.137 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/error'
    2016-01-29 13:05:34.137 debug 10572 --- [nio-9999-exec-4] o.s.s.w.u.matcher.antpathrequestmatcher : checking match of request : '/health'; against '/health'
    2016-01-29 13:05:34.137 debug 10572 --- [nio-9999-exec-4] o.s.security.web.filterchainproxy : /health has empty filter list
What does "/health has empty filter list" mean?

When doing this:
    web.ignoring().antMatchers("/health");
it is the same as the Spring XML configuration security="none".
It means the URL is not secured; returning an empty filter list means Spring won't send the request through filters because there are no filters, meaning an unsecured URL.
Edit: I'm not sure about the differences, but this works for sure:
    http.authorizeRequests().antMatchers("/health").permitAll();
This should be used instead of .ignoring(), and you should put it under the HttpSecurity method with the rest.
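
The two approaches discussed above, side by side, as an added example that is not part of the original question or answer. The class name is hypothetical, and the example assumes a Spring Security version that still provides WebSecurityConfigurerAdapter, as the poster's configuration does.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

// Hypothetical class name; added example, not the poster's configuration.
@Configuration
@EnableWebSecurity
public class HealthEndpointSecurityConfig extends WebSecurityConfigurerAdapter {

    // Option A: ignoring(). FilterChainProxy registers a chain with an
    // EMPTY filter list for the matcher (the startup log line
    // "creating filter chain: ant [pattern='/health'], []"), so no Spring
    // Security filter runs: no SecurityContext, no security response
    // headers, no CSRF check. Ignored chains are matched first, so if
    // Option A and Option B both cover a path, Option A wins.
    @Override
    public void configure(WebSecurity web) throws Exception {
        // The pattern "/health" matches only that exact path. To cover
        // everything beginning with /health, use "/health/**", which
        // matches /health itself and any sub-path such as /health/db.
        // Uncomment to use Option A instead of Option B:
        // web.ignoring().antMatchers("/health/**");
    }

    // Option B: permitAll(). The request still passes through the whole
    // security filter chain (headers, context handling, custom filters),
    // and the authorization step then lets everyone in.
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                // Rules are evaluated in declaration order; first match wins.
                .antMatchers("/health/**").permitAll()
                .antMatchers("/api/**").authenticated();
    }
}
```

With Option B, any filter added to the chain through addFilterAfter still sees /health requests, so it must tolerate unauthenticated callers on that path.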