added slashes to patterns what needed them, removed vestigial intercept from user-context

pull/263/head
Justin Richer 2012-11-26 16:23:46 -05:00
parent 122a2de074
commit fce47c239a
2 changed files with 3 additions and 4 deletions

View File

@ -64,8 +64,8 @@
<security:http pattern="/jwk**" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:intercept-url pattern="/jwk**" access="permitAll"/>
</security:http>
<security:http pattern="/.well-known**" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:intercept-url pattern="/.well-known**" access="permitAll"/>
<security:http pattern="/.well-known/**" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:intercept-url pattern="/.well-known/**" access="permitAll"/>
</security:http>
<security:http pattern="/x509**" use-expressions="true" entry-point-ref="http403EntryPoint">
<security:intercept-url pattern="/x509**" access="permitAll"/>
@ -81,7 +81,7 @@
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>
<security:http pattern="/api**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint">
<security:http pattern="/api/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint">
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>

View File

@ -32,7 +32,6 @@
<security:http disable-url-rewriting="true" use-expressions="true">
<security:form-login login-page="/login" />
<security:intercept-url pattern="/oauth/**" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/**" access="permitAll" />
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:logout/>