Untitled
unknown
plain_text
a year ago
1.1 kB
6
Indexable
@Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private JwtTokenProvider jwtTokenProvider; @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); http.authorizeRequests() .antMatchers("/api/images/upload").permitAll() // Allow uploading without authentication .anyRequest().authenticated() .and() .apply(new JwtConfigurer(jwtTokenProvider)); } @Override public void configure(WebSecurity web) throws Exception { // Allow access to certain endpoints without authentication web.ignoring().antMatchers("/api/images/upload"); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { // Configure authentication manager, e.g., in-memory or database-based authentication } }
Editor is loading...
Leave a Comment