Menu
I am little bit confuse with URL-pattern in spring security. Because, in servlet core http security, the / and /* url patterns are used for specify one or more directories. / is use for one directory and /* is used of many directories. But in spring-security, the /** is also introduce, what is the main purpose of /** url-pattern in security.
835
The difference between /* & /** is that the second matches the entire directory tree, including subdirectories, where as /* only matches at the level it's specified at.
132
@Override
protected void configure(HttpSecurity http) throws Exception {
// ...
.antMatchers(HttpMethod.GET, "/**").permitAll
.antMatchers(HttpMethod.POST, "/*").permitAll
// ...
}
In this configuration any "Get" request will be permitted, for example:
So, all this urls match text with pattern "/**".
Permitted urls for "Post":
Urls above match with "/*"
13
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
