Removed deprecated CORS errors

2025-04-15 02:41:21 +05:30
parent bf6c93efd5
commit 293b73cf2a
1 changed files with 34 additions and 16 deletions
@@ -28,27 +28,45 @@ public class SecurityConfiguration {
        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
    }

+//    @Bean
+//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+//        http.csrf()
+//                .disable()
+//                .authorizeHttpRequests()
+//                .requestMatchers("/api/hdfs/**") // Specific API endpoints that don't require authentication
+//                .permitAll()
+//                .requestMatchers("/api/**") // Other endpoints that should be open
+//                .permitAll()
+//                .anyRequest()
+//                .authenticated() // All other requests require authentication
+//                .and()
+//                .sessionManagement()
+//                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+//                .and()
+//                .authenticationProvider(authenticationProvider)
+//                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+//
+//        return http.build();
+//    }
+
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http.csrf()
-                .disable()
-                .authorizeHttpRequests()
-                .requestMatchers("/api/hdfs/**") // Specific API endpoints that don't require authentication
-                .permitAll()
-                .requestMatchers("/api/**") // Other endpoints that should be open
-                .permitAll()
-                .anyRequest()
-                .authenticated() // All other requests require authentication
-                .and()
-                .sessionManagement()
-                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-                .and()
+        return http
+                .securityMatcher("/**")
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/api/hdfs/**", "/api/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .sessionManagement(session -> session
+                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                )
                .authenticationProvider(authenticationProvider)
-                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
-
-        return http.build();
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
+                .csrf(csrf -> csrf.disable())
+                .build();
    }

+
 //    @Bean
 //    CorsConfigurationSource corsConfigurationSource() {
 //        CorsConfiguration configuration = new CorsConfiguration();