Skip to content

Commit

Permalink
better role-based access control to the differents routes
Browse files Browse the repository at this point in the history
  • Loading branch information
@cmullercejas
cmullercejas committed Feb 5, 2020
1 parent b7e77b8 commit 3649974
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions src/main/java/org/springframework/samples/petclinic/configuration/SecurityConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,10 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/resources/**","/webjars/**","/h2-console/**").permitAll()
.antMatchers(HttpMethod.GET, "/","/oups").permitAll()
.antMatchers("/owners/**","/vets/**").hasAuthority("admin")
.antMatchers(HttpMethod.GET, "/","/oups","/register").permitAll()
// .antMatchers("/owners/**","/vets/**").hasAuthority("admin")
.antMatchers("/owners/**").hasAnyAuthority("owner","admin")
.antMatchers("/vets/**").authenticated()
.anyRequest().denyAll()
.and()
.formLogin()
Expand Down

0 comments on commit 3649974

Please sign in to comment.