Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- My spring Boot application will be getting request from two sources.
- Based on header I want to use JWT based authentication and if JWT is not present in header will use basic authentication.
- Is there a way to configure this condition in spring security?
- Current Code snippet is below :
- @Configuration
- @EnableWebSecurity
- public class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Autowired
- private CustomAuthenticationEntryPoint authEntryPoint;
- @Value("${security.user.name}")
- private String userName;
- @Value("${security.user.password}")
- private String userPassword;
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.csrf().disable()
- .authorizeRequests()
- .antMatchers(HttpMethod.GET,"/api/check").permitAll()
- .anyRequest().authenticated()
- .and().httpBasic()
- .and().exceptionHandling()
- .authenticationEntryPoint(authEntryPoint)
- .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
- http.addFilterBefore(new StargateAuthenticationFilter(), BasicAuthenticationFilter.class);
- }
Add Comment
Please, Sign In to add comment