Menu
I am learning Spring and want to know why there is difference when I change order of these two authorizeRequests() methods:
This works fine:
security.authorizeRequests()
.antMatchers("/css/**")
.permitAll();
security.authorizeRequests()
.anyRequest()
.authenticated();
This does not:
security.authorizeRequests()
.anyRequest()
.authenticated();
security.authorizeRequests()
.antMatchers("/css/**")
.permitAll();
What I mean by "doesn't work" is that in my login page CSS is not applied while using second example. Why order of these two methods actually matters?
679
asked Nov 29 '25 16:11
When multiple children to the http.authorizeRequests() method each matcher is considered in the order they were declared. In your second example it define every request require authentication.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With