I have a simple testing authentication set up, but it's allowing any user role to access the "hello" class. I'm using an online example as my learning point and the author didn't get it working correctly either...
Here's the override for configure:
But the URL using the user = demo (and admin role), still gets to the page: localhost:8088/rest/hello
I've tried various combinations of asterisks with the .antMatchers() method above, but I can't get the security to respect only the user role.
To get the password stuff to work at all, I also had to refactor the online example to use a Password encoder.
Thanks in advance,
Just the other day, I was thinking ... about this tiny ad:
Programmatically Create PDF Using Free Spire.PDF with Java