Java tutorial
/* * Copyright 2017 Regents of the University of California. Licensed under the Educational Community License, Version * 2.0 (the "license"); you may not use this file except in compliance with the License. You may obtain a copy of the * license at * * https://opensource.org/licenses/ECL-2.0 * * Unless required under applicable law or agreed to in writing, software distributed under the License is distributed * in an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for * specific language governing permissions and limitations under the license. */ package org.opentestsystem.ap.ivs.config; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @Configuration @ConditionalOnProperty(value = "security.basic.enabled", havingValue = "true", matchIfMissing = true) @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override public void configure(final HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests().antMatchers("/manage/info*", "/manage/health*", "/api/**") .permitAll().anyRequest().authenticated().and().httpBasic(); // disable page caching http.headers().cacheControl(); } }