fix: Too strict Spring Security configuration

felleslosninger · Apr 25, 2024 · 9931bd8 · 9931bd8
1 parent 035beb0
commit 9931bd8
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/...er/src/main/java/no/difi/meldingsutveksling/serviceregistry/config/WebSecurityConfig.java b/...er/src/main/java/no/difi/meldingsutveksling/serviceregistry/config/WebSecurityConfig.java
@@ -27,12 +27,11 @@ public static class BasicAuthFilter extends WebSecurityConfigurerAdapter {
         protected void configure(HttpSecurity http) throws Exception {
             http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                     .and().csrf().disable();
-            http.authorizeRequests((autz)-> autz
+            http.authorizeRequests((autz) -> autz
                     .antMatchers("/health/**").permitAll()
                     .antMatchers("/manage/health/**").permitAll()
                     .antMatchers("/prometheus").permitAll()
-                    .antMatchers("/manage/prometheus").permitAll()
-                    .anyRequest().authenticated());
+                    .antMatchers("/manage/prometheus").permitAll());
         }
     }