Skip to content

Spring Boot. Static resource outside the security protection.

2015-12-13 23:05:59

If you want to use some style for your login page, for example style provider by bootstrap. You have to mark that static resource as outside the security protection.

I assume that you have something like this:

Configuration for static resource

package btbw.config;

import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;

public class Profiles {
    public static final String DEVELOPMENT = "dev";
    public static final String PRODUCTION = "prod";

class ConfigProduction extends WebSecurityConfigurerAdapter {

    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        // @formatter:on

class ConfigDevelopment extends WebSecurityConfigurerAdapter {

    private static final Logger LOGGER = LoggerFactory.getLogger(Profiles.class);

    protected void configure(HttpSecurity http) throws Exception {"Run DEVELOPMENT Security Configuration");

important line is .antMatchers("/lib/bootstrap/**","/css/**","/img/**","/js/**").permitAll()