Which files/paths need to be publicly accessible?

Our application runs “behind” an IDM (reverse proxy). By default, you need to authenticate to access the app (authentication handled by IDM), but we need to allow anonymous access to some views, e.g. imprint.
Is there an overview of which paths and files need to be allowed to make Vaadin work?
Right now we have only

  • /imprint (the view we actually want to make accessible without login)
  • /VAADIN/*

When looking at the dev tools in the browser it seems that also

  • /sw.js
  • /icons/*
  • /?v-r=init&…
are required.

So is there an overview of what else is needed?
(I guess I could somehow gather this from VaadinSecurityConfigurer, but maybe it’s documented somewhere?)