I enable spring security in my system. I have two urls, and one should be without security (for now). Here is my security section
<security:intercept-url pattern="/api/admin**"
access="permitAll" />
<security:intercept-url pattern="/api/**"
access="hasAnyRole('ROLE_ADMIN', 'ROLE_USER')" />
<security:http-basic />
Admin section should be available without login for now, but that is not the case, accessing url: http://localhost:8080/kma/api/admin/accounting/ Still requires a username and password
Aucun commentaire:
Enregistrer un commentaire