i have backend urls for some service to access, and frontend urls for website login to access, my situation is:
I don't want to start two different springboot process.
I have found this answer but springboot not allow to disable client-auth for specific urls:
Spring Boot: Disable Client Auth for specific URL
server:
ssl:
client-auth: need
and this answer maybe helpful, but i don't know how to mix two authentication method in my situation.
How set up Spring Boot to run HTTPS / HTTP ports
please help.
For Spring-Boot 2.7.0 this should be as simple as defining 2 instances of SecurityFilterChain, idealy you'd want one of them to be the default (remove the http.mvcMatcher line) and give the other @Order(1). Incase of older implementations i'm not 100% sure, for further research you probably find better results looking for a way to support 2 login method depending on endpoint than looking into how to disable certain elements.
@Configuration
public class WebSecurityConfig
{
@Bean
public SecurityFilterChain frontendFilterChain(HttpSecurity http) throws Exception
{
//@formatter:on
http
.mvcMatcher("/frontend/**")
.authorizeRequests(auth -> auth.anyRequest().permitAll());
//Extend with needed authentication
//@formatter:off
return http.build();
}
@Bean
@Order(1)
public SecurityFilterChain backendFilterChain(HttpSecurity http) throws Exception
{
//@formatter:on
http
.mvcMatcher("/backend/**")
.authorizeRequests(auth -> auth.anyRequest().permitAll());
//Extend with needed authentication
//@formatter:off
return http.build();
}
}
```
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.