How to allow Spring Security 6 to permit general ressources (static, images, etc...)

Question

I'm on Spring Security 6, and having a trouble when rending pages: as I'm using Thymeleaf, the static repertory isn't allowed.

This is my filter

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception{
        httpSecurity
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(auth -> auth
                    .requestMatchers("/auth/**")
                        .permitAll()
                    .anyRequest()
                        .authenticated())
         
        return httpSecurity.build();
    }

When try to add

@Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        return (web) -> web.ignoring().antMatchers("/static");
    }

it seem as depreciated.

But When I edit the filter like this

.authorizeHttpRequests(auth -> auth
                    .requestMatchers("/**")
                        .permitAll()

Everything is correct.

May someone know by what it has been replaced ..??

thanks !!!

How to allow Spring Security 6 to permit general ressources (static, images, etc...)

0 Answers0