Hi to all ,
i dont know if i open this to the right place but i need to implement a register page. so i permit it in the security conf. but even sspring security allow “/register” page. i still see the login page.
how can i just disable security for certain urls?
this setup does not work :
@Override
protected void configure(HttpSecurity http) throws Exception {
// Not using Spring CSRF here to be able to use plain HTML for the login page
http.csrf().disable()
// Register our CustomRequestCache, that saves unauthorized access attempts, so
// the user is redirected after login.
//.requestCache().requestCache(new CustomRequestCache())
// Restrict access to our application.
.authorizeRequests().antMatchers("/register").permitAll()
// Allow all flow internal requests.
.requestMatchers(SecurityUtils::isFrameworkInternalRequest).permitAll()
// Allow all requests by logged in users.
//.anyRequest().hasAnyAuthority(Role.getAllRoles())
.anyRequest().authenticated()
// Configure the login page.
.and().formLogin().loginPage(LOGIN_URL).successHandler(authenticationSuccessHandler).loginProcessingUrl(LOGIN_PROCESSING_URL).permitAll()
.failureUrl(LOGIN_FAILURE_URL)
// Configure logout
.and().logout().logoutSuccessHandler(myLogoutSuccessHandler).logoutSuccessUrl(LOGOUT_SUCCESS_URL).permitAll();
}
and this is register view :
@Route(value = "register")
public class RegisterView extends VerticalLayout implements BeforeEnterObserver {
public RegisterView() {
add(new H1("REGISTER"));
}
@PostConstruct
public void init() {
}
@Override
public void beforeEnter(BeforeEnterEvent beforeEnterEvent) {
}
}
and i am adding how “register” url looks.