I start a new vaadin project with springboot with the vaadin-spring-security login.
But Now I need to create one REstController to grant access to one cliente.
So I goes to my applicatio.yml and put
vaadin:
launch-browser: true
whitelisted-packages: com.vaadin,org.vaadin,dev.hilla
exclude-urls: /api/**
Then I create one RestController just like this:
@RestController
public class SeloController {
private final SeloEletronicoMapper seloEletronicoMapper;
private final AtualizarSeloEletronicoGateway atualizarSeloEletronicoGateway;
public SeloController(SeloEletronicoMapper seloEletronicoMapper, AtualizarSeloEletronicoGateway atualizarSeloEletronicoGateway) {
...
}
@PostMapping("/api/selo")
public void atualizar(@RequestBody List<SeloEletronicoVO> selos){
atualizarSeloEletronicoGateway.atualizarSeloEletronico(seloEletronicoMapper.fromVOS(selos));
}
}
In my SecutiryConfiguration I put this:
@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends VaadinWebSecurity {
private final TokenProvider authenticationProvider;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(new TenantFilter(), UsernamePasswordAuthenticationFilter.class);
http.authorizeHttpRequests(authorize -> authorize.requestMatchers(new AntPathRequestMatcher("/api/**")).permitAll());
http.authorizeHttpRequests(
authorize -> authorize.requestMatchers(new AntPathRequestMatcher("/images/*.png")).permitAll());
// Icons from the line-awesome addon
http.authorizeHttpRequests(authorize -> authorize
.requestMatchers(new AntPathRequestMatcher("/line-awesome/**/*.svg")).permitAll());
super.configure(http);
setLoginView(http, LoginView.class);
}
}
But When I Try to access the URL I got this:
I already try to remove the line from SecurityConfiguration but without success too
message.txt (5.54 KB)