how to permit certain entities api to all users in jhipster
Question
I am using jhipster 4.6.2 and Angular 1+
I want this questions entity to be permitted to all users.After searching in the internet, i came to know that adding the below lines in SecurityConfiguration.java. But after adding these lines, API's are hit in the backend. But getting this error in the logs.
org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'username' cannot be found on object of type 'java.lang.String' - maybe not public?
.antMatchers("/api/**").permitAll()
.antMatchers("/api/questions").permitAll()
.antMatchers("/api/questions/id").permitAll()
how can i achieve this? I want few more entites to be permitted to all users without login.
1 answers
solution1
0 2017-08-22 08:52:07
As explained in Spring Security documentation : Each matcher is considered in the order they were declared. Also you should keep authenticated requirement or /api/**
Try this:
.antMatchers("/api/questions").permitAll()
.antMatchers("/api/questions/id").permitAll()
.antMatchers("/api/**")..authenticated()
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.