From ae95e76fbf17f6c3bda58044ad363bdbdee41681 Mon Sep 17 00:00:00 2001 From: Antonis Lempesis Date: Fri, 15 May 2020 08:09:38 +0000 Subject: [PATCH] opening /stats to all --- .../repo/manager/config/AaiSecurityConfiguration.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/main/java/eu/dnetlib/repo/manager/config/AaiSecurityConfiguration.java b/src/main/java/eu/dnetlib/repo/manager/config/AaiSecurityConfiguration.java index 2f39f5b..5c22184 100644 --- a/src/main/java/eu/dnetlib/repo/manager/config/AaiSecurityConfiguration.java +++ b/src/main/java/eu/dnetlib/repo/manager/config/AaiSecurityConfiguration.java @@ -12,6 +12,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; @@ -57,12 +58,16 @@ public class AaiSecurityConfiguration extends WebSecurityConfigurerAdapter { auth.authenticationProvider(openIdConnectAuthenticationProvider()); } + @Override + public void configure(WebSecurity web) throws Exception { + web.ignoring().antMatchers("/stats/**"); + } + @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() .anonymous().disable() .authorizeRequests() - .antMatchers("/stats").permitAll() .anyRequest().authenticated() .and() .httpBasic()