SheppardDigital
asked on
Spring Boot Security, adding filters to different routes
I'm trying to put together a single application that contains both an API and an Admin interface using Spring Boot.
The idea is that all API endpoints will be accessible via domain.com/api/ and the admin interface under domain.com/admin/
The Admin interface and the API need different types of authentication, so somehow in the spring security configuration I need to define a filter for routes starting with /api/ and define another route to be called for routes starting /admin/
This is my security config class, which I thought might work, but it doesn't.
    @Configuration
    @EnableWebSecurity
    @EnableGlobalMethodSecurity(prePostEnabled = true)
    @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        AuthenticationFilter authenticationFilter;

        @Autowired
        AdminAuthenticationFilter adminAuthenticationFilter;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.csrf().disable()
                .authorizeRequests()
                // Allow anonymous visitors to auth controller methods
                .antMatchers("/admin/auth/**").permitAll()
                .antMatchers("/admin/**").authenticated().addFilterBefore(adminAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
                .antMatchers("/api/**").authenticated().addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class)
                // All other requests need to be authenticated
                .anyRequest().authenticated();
            http.exceptionHandling().accessDeniedPage("/auth/403");
        }
    }
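One way to give each path prefix its own filter, shown as an added example that is not part of the original post or its hidden solution: in Spring Security, `addFilterBefore` applies to a whole `HttpSecurity` chain rather than to a single `antMatchers` rule, so the sketch below declares one chain per prefix. It assumes Spring Boot 2.x with Spring Security 5.x, that `AuthenticationFilter` and `AdminAuthenticationFilter` are the asker's own `javax.servlet.Filter` beans, and that the admin interface is browser based (so CSRF protection stays on for it); the class and method names are hypothetical.

```java
import javax.servlet.Filter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Assumption: AuthenticationFilter / AdminAuthenticationFilter are the asker's Filter beans.
@EnableWebSecurity
public class MultiChainSecurityConfig {
    // Stop Boot from also registering a filter bean as a servlet filter for every URL,
    // which would run it outside the chain it is meant for.
    static <T extends Filter> FilterRegistrationBean<T> chainOnly(T filter) {
        FilterRegistrationBean<T> reg = new FilterRegistrationBean<>(filter);
        reg.setEnabled(false);
        return reg;
    }
    @Bean FilterRegistrationBean<AuthenticationFilter> apiReg(AuthenticationFilter f) { return chainOnly(f); }
    @Bean FilterRegistrationBean<AdminAuthenticationFilter> adminReg(AdminAuthenticationFilter f) { return chainOnly(f); }

    @Configuration @Order(1) // consulted first; handles only requests under /api/
    public static class ApiSecurity extends WebSecurityConfigurerAdapter {
        private final AuthenticationFilter apiFilter;
        public ApiSecurity(AuthenticationFilter apiFilter) { this.apiFilter = apiFilter; }
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/api/**") // scopes the whole chain, filter included
                .csrf().disable()      // as in the original config
                .addFilterBefore(apiFilter, UsernamePasswordAuthenticationFilter.class)
                .authorizeRequests().anyRequest().authenticated();
        }
    }

    @Configuration @Order(2) // handles only requests under /admin/
    public static class AdminSecurity extends WebSecurityConfigurerAdapter {
        private final AdminAuthenticationFilter adminFilter;
        public AdminSecurity(AdminAuthenticationFilter adminFilter) { this.adminFilter = adminFilter; }
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/admin/**") // CSRF protection keeps its default (enabled)
                .addFilterBefore(adminFilter, UsernamePasswordAuthenticationFilter.class)
                .authorizeRequests()
                    .antMatchers("/admin/auth/**").permitAll()
                    .anyRequest().authenticated().and()
                .exceptionHandling().accessDeniedPage("/auth/403");
        }
    }
}
```

Requests outside `/api/` and `/admin/` match neither chain and pass through Spring Security unfiltered, so a third adapter with a higher `@Order` value and no `antMatcher` is needed if those paths must also require authentication.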