I was trying to enable csrf filter for some specific api calling and for the others no need of csrf filter.What I have done is
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/public/**").permitAll();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.csrf().disable().addFilterBefore(new StatelessCSRFFilter(), CsrfFilter.class).authorizeRequests().antMatchers("/rest/**").permitAll();
}
The problem is when I was calling localhost:8080/public/hello
An error was showing
"message": "Missing or non-matching CSRF-token"
I am using Spring boot and Spring Security.
Thanks for any help.
Aucun commentaire:
Enregistrer un commentaire