diff --git a/src/main/java/com/example/nto/config/WebSecurityConfig.java b/src/main/java/com/example/nto/config/WebSecurityConfig.java index 350422c..3d477d5 100644 --- a/src/main/java/com/example/nto/config/WebSecurityConfig.java +++ b/src/main/java/com/example/nto/config/WebSecurityConfig.java @@ -5,7 +5,6 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; @@ -33,21 +32,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { http.csrf().disable() .authorizeRequests() .antMatchers("/h2-console/**").permitAll() - .antMatchers("/api/v1/images/**").permitAll() - .antMatchers("/api/v1/volunteers/login").permitAll() - .antMatchers("/api/v1/volunteers/register").permitAll() - - .antMatchers("/api/v1/**").permitAll() - //.antMatchers("/api/v1/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") + .antMatchers("/api/v1/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") + .antMatchers("/api/v1/authorization/login").permitAll() + .antMatchers("/api/v1/authorization/register").permitAll() .anyRequest().authenticated() .and() .httpBasic() .and() .headers().frameOptions().disable(); } - - @Override - public void configure(WebSecurity web) { - web.ignoring().antMatchers("/api/v1/volunteers/images"); - } }