This application has no explicit mapping for /error, so you are seeing this as a

1. This application has no explicit mapping for /error, so you are seeing this as a fallback.
2.  
3. Fri Feb 22 18:40:55 EST 2019
4. There was an unexpected error (type=Forbidden, status=403).
5. Forbidden
6.  
7. @Override
8. protected void configure(HttpSecurity http) throws Exception {
9. // Disabling CSRF because it causes issues with API requests (POSTs don't
10. // contain the CSRF tokens).
11. http.csrf().disable();
12.  
13. http.headers().frameOptions().disable();
14.  
15. http.authorizeRequests()
16.  
17. // This line turns off authentication for all management endpoints, which means all
18. // endpoints that start with "/actuator" (the default starter path for management endpoints
19. // in spring boot applications). To selectively choose which endpoints to exclude from authentication,
20. // use the EndpointRequest.to(String ... method, as in the following example:
21. // .requestMatchers(EndpointRequest.to("beans", "info", "health", "jolokia")).permitAll()
22. .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
23.  
24. // Do not authenticate resource requests
25. .antMatchers(
26. "/app/css/**",
27. "/app/img/**",
28. "/app/js/**",
29. "/app/bootstrap/**").permitAll()
30.  
31. .antMatchers(
32. "/admin/**",
33. "/app/builds/**",
34. "/app/monitor/**",
35. "/app/review/**")
36. .hasRole(requiredRole)
37.  
38. // All other requests are authenticated
39. .anyRequest().authenticated()
40.  
41. // Any unauthenticated request is forwarded to the login page
42. .and()
43. .formLogin()
44. .loginPage(LOGIN_FORM)
45. .permitAll()
46. .successHandler(successHandler())
47.  
48. .and()
49. .exceptionHandling()
50. .authenticationEntryPoint(delegatingAuthenticationEntryPoint())
51.  
52. .and()
53. .logout()
54. .logoutRequestMatcher(new AntPathRequestMatcher(LOGOUT_FORM))
55. .logoutSuccessUrl(LOGIN_FORM);
56. }