@Configuration
@Order(CustomWebSecurityConfig.ORDER)
public class CustomWsSecurityConfig extends WebSecurityConfig {
/**
* Order of this {@link CustomWsSecurityConfig}.
*/
public static final int ORDER = WebSecurityConfig.WsSecurityConfig.ORDER - 5;
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.csrf().disable() // HTTP with disabled CSRF
.antMatcher(WS_URI_PREFIX + DEFAULT_PATH_PATTERN)
.authorizeRequests()
.anyRequest().hasAnyRole(GlobalSecurityConfig.AuthRole.WS_CUSTOM.name())
.and()
.httpBasic();
// @formatter:on
}
}
} |