AntMatchers that match any beginning of the path

Question

AntMatchers that match any beginning of the path

I have a REST service that will be used for authentication. The authentication endpoint will look like /api/v.1/authentication. An API version is a variable that can be modified to reflect updated versions. One example: /api/v.2/authentication. I like to have antMatcherone that can work with both of these cases, so I tried using .antMatchers(HttpMethod.POST,"**/authenticate").permitAll()with **to match any beginning of the endpoint, but that doesn't work. The following is a complete setup.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
        .csrf().disable()
        .authorizeRequests()
             .antMatchers(HttpMethod.POST, "**/authenticate").permitAll()
             .antMatchers(HttpMethod.GET, "**/get-public-key").permitAll()
             .and()
        .authorizeRequests()
             .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
             .anyRequest().authenticated();
}

Any suggestions how can I solve this?

+4

spring spring-boot spring-security

g3blv Apr 30 '17 at 8:20

source share

1 answer

dur · Accepted Answer · 2017-04-30T20:48:22+0000

, . AntPathMatcher:

: , . , "/", , .

:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
        .csrf().disable()
        .authorizeRequests()
            .antMatchers(HttpMethod.POST, "/**/authenticate").permitAll()
            .antMatchers(HttpMethod.GET, "/**/get-public-key").permitAll()
            .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
            .anyRequest().authenticated();
}

AntMatchers that match any beginning of the path

More articles: