Hello everyone, I have a basic spring boot application that I want to implement basic security features on. I've added spring security, spring web and thymeleaf dependencies to my pom.xml file. I have the following codes.
HomeController class
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/account")
public class HomeController {
@GetMapping("/home")
public String home() {
return "index";
}
@GetMapping("/register")
public String register() {
return "register";
}
}
AppSecurityConfig class
@EnableWebSecurity
public class AppSecurityConfig {
@Bean
public SecurityFilterChain configure(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests()
.requestMatchers("/login", "/register").permitAll()
.anyRequest().authenticated()
.requestMatchers("/account/**").hasAnyAuthority("USER")
.formLogin().and()
.httpBasic();
return http.build();
}
}
When I run the spring boot app and go to this url (localhost:8080/register) in my browser it's taking me to the spring default formLogin page which shouldn't be because I've used
.requestMatchers("/login", "/register").permitAll()
to exclude "/login" and "/register" urls from any authentication. Please what I'm I missing ? I have a "register.html" file in my template directory of my spring boot application. Thanks in advance for any help.
What I have tried:
pom.xml dependencies
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
</dependencies>