Connect to the Spring Security web project to protect the pages of the site. In the SecurityConfig class, which extends the WebSecurityConfigurerAdapter, there is a protected void configure method (HttpSecurity http) that looks something like this:
@Override protected void configure(HttpSecurity http) throws Exception{ http.csrf().disable(); http.authorizeRequests().antMatchers("/**").authenticated() .anyRequest().permitAll() .and().formLogin().loginPage("/login").permitAll().and().formLogin().successHandler(new MySimpleUrlAuthenticationSuccessHandler()).failureForwardUrl("/login?error"); } And so, there is an antMatcher in which I specify url addresses that are accessible only to authorized users (as I understand it), but I want the main page at the address "/" to be also accessible to all users, including those who are not authorized. Looking at other issues, I found a solution to this problem in the form of public void configure(WebSecurity web) :
@Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers("/"); } But the fact is that nothing works in this code, I cannot go to the main page without authorization. It seems to me that the matter is in the wrong antMatchers("/") parameter, because the same works for another address
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableWebSecurity @Configurationannotations@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableWebSecurity @Configuration- denisbaicpublic String index2(Model model, Principal principal) { model.addAttribute("message","You are logged in as "+principal.getName()); return "index"; }public String index2(Model model, Principal principal) { model.addAttribute("message","You are logged in as "+principal.getName()); return "index"; }public String index2(Model model, Principal principal) { model.addAttribute("message","You are logged in as "+principal.getName()); return "index"; }caught an error because principal = null - denisbaic