Controller
@GetMapping("/api/data")
String response(){
}
application.properties
server.servlet.context-path=/v1
Spring secuity
http.authorizeRequests().anyMatcher("/v1/**").authenicated()
Here authentication is not happening. I believe, spring-security is ignoring the context-path thats been configured in the application.properties. Why is spring-security ignoring the context path. How to fix this?
For the above image, I expected a 401 since the v1/** is supposed to be authorised
This is working fine,
http.authorizeRequests().anyMatcher("/**").authenicated()
CodePudding user response:
Turn ON the debug for Spring Security, then you would understand what's happening.
@EnableWebSecurity(debug = true)
When,
server.servlet.context-path=/v1
Generated Request:
Request received for GET '/api/data':
servletPath:/api/data
pathInfo:null
When,
spring.mvc.servlet.path=/v1
Generated Request:
Request received for GET '/v1/api/data':
servletPath:/v1
pathInfo:/api/data
Go with servlet-path for what you are trying to implement...