Commit 754d96c9 authored by Khalid Ali's avatar Khalid Ali
Browse files

Allow localhost POST requests

parent 779485ff
...@@ -16,7 +16,11 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe ...@@ -16,7 +16,11 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
@Configuration @Configuration
...@@ -40,6 +44,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -40,6 +44,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.cors()
.and()
.csrf()
.disable()
.authorizeRequests() .authorizeRequests()
.regexMatchers("/secured.*", "/login", "/bs/api/.*") .regexMatchers("/secured.*", "/login", "/bs/api/.*")
.authenticated() .authenticated()
...@@ -74,4 +82,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -74,4 +82,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
filter.setAuthenticationManager(authenticationManager()); filter.setAuthenticationManager(authenticationManager());
return filter; return filter;
} }
@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("*"));
configuration.setAllowedHeaders(Arrays.asList("*"));
configuration.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
} }
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment