From 4fbb6e8914279a1f8ad0eae646638fb644353d99 Mon Sep 17 00:00:00 2001 From: Alex Prudencio Date: Thu, 8 Aug 2024 19:12:02 -0400 Subject: [PATCH] fix aceeditor permissions --- .../primefactorsolutions/config/SecurityConfig.java | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/primefactorsolutions/config/SecurityConfig.java b/src/main/java/com/primefactorsolutions/config/SecurityConfig.java index 5abe3a0..f505000 100644 --- a/src/main/java/com/primefactorsolutions/config/SecurityConfig.java +++ b/src/main/java/com/primefactorsolutions/config/SecurityConfig.java @@ -6,10 +6,8 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory; import org.springframework.security.ldap.DefaultSpringSecurityContextSource; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @@ -24,7 +22,12 @@ public class SecurityConfig extends VaadinWebSecurity { auth .requestMatchers(AntPathRequestMatcher.antMatcher("/h2-console/**")).permitAll() .requestMatchers( - AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/images/*.png")).permitAll()) + AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.jpg"), + AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.png"), + AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.css"), + AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.scss"), + AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.js") + ).permitAll()) .headers(headers -> headers.frameOptions(frameOptionsConfig -> { //no-op }).disable()) @@ -43,4 +46,3 @@ public class SecurityConfig extends VaadinWebSecurity { return factory.createAuthenticationManager(); } } -