PFS/pfs-intra
4
0
Fork 0
Code Issues 32 Pull Requests Actions Packages Projects 2 Releases Wiki Activity

fix aceeditor permissions

Browse Source
This commit is contained in:
alex 2024-08-08 19:12:02 -04:00
parent 264d3a781a
commit 4fbb6e8914
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/java/com/primefactorsolutions/config/SecurityConfig.java
View File

@ -6,10 +6,8 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory; import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource; import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@ -24,7 +22,12 @@ public class SecurityConfig extends VaadinWebSecurity {
auth auth
.requestMatchers(AntPathRequestMatcher.antMatcher("/h2-console/**")).permitAll() .requestMatchers(AntPathRequestMatcher.antMatcher("/h2-console/**")).permitAll()
.requestMatchers( .requestMatchers(
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/images/*.png")).permitAll()) AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.jpg"),
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.png"),
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.css"),
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.scss"),
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/**/*.js")
).permitAll())
.headers(headers -> headers.frameOptions(frameOptionsConfig -> { .headers(headers -> headers.frameOptions(frameOptionsConfig -> {
//no-op //no-op
}).disable()) }).disable())
@ -43,4 +46,3 @@ public class SecurityConfig extends VaadinWebSecurity {
return factory.createAuthenticationManager(); return factory.createAuthenticationManager();
} }
} }