Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Expose an unsecure Restful endpoint in a Springboot Secured application

Tags:

spring-boot

spring-security

I want to expose an unsecure Restful endpoint in a Springboot secured application. GET requests to the endpoint /api/notify work, but POST requests result in a 403. How do I configure so that remote clients can POST to /api/notify from there server?

My extended WebSecurityConfigurerAdapter looks like this:

protected void configure(HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
        .antMatchers("/").permitAll()
        .antMatchers("/signup").permitAll()
        .antMatchers("/reset").permitAll()
        .antMatchers("/api/notify").permitAll()
        .anyRequest().authenticated();
    http
        .formLogin()
            .defaultSuccessUrl("/home")
        .failureUrl("/login?error")
        .loginPage("/login")
        .permitAll()
        .and()
        .logout()
        .permitAll();
}
like image 859
darren rose Avatar asked Oct 20 '25 10:10

darren rose

1 Answers

I think this is what you are looking for:

@Configuration
@EnableWebMvcSecurity
public class SecurityCtxConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring()
                .antMatchers(HttpMethod.POST,
                        "<YOUR URL>");
    }
like image 136
Modi Avatar answered Oct 22 '25 00:10

Modi
Sign in to Comment

Related questions

Spring Security multiple successful authentication providers

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!