Spring-Boot REST service basic http auth exclude one endpoint

Well after more experimenting I found that the following works - @efekctive please note that there is no context prefix on the healthcheck:

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable().authorizeRequests()
     .antMatchers("/healthcheck").permitAll()
     .antMatchers("/**").authenticated().and().httpBasic();
}

One big caveat: when I posted this I was testing the healthcheck endpoint by invoking curl with BOGUS http credentials, expecting Spring to ignore them, but Spring always answered 401-unauthorized. The proper test is to invoke curl with NO http credentials at all, then the healthcheck endpoint answers quite happily.

Tags:

Java

Rest

Spring Boot

Related

Why does %timeit loop different number of times? How to use Swagger @ApiResponses annotation in Kotlin? Sprockets::FileNotFound: couldn't find file 'jquery' with type 'application/javascript' Heroku in Rails App Detect Route Change with react-router How to create more notes like TODO in Android Studio, for example CHECK or TEST? How to program a NSOutlineView? How to implement TypeScript deep partial mapped type not breaking array properties Is it possible to run Google Chrome in headless mode with extensions? Swift: iPhone's volume is low when trying to change speech to iPhone's voice in swift Bootstrap datetimepicker: show calendar pop-up when a user clicks on input Cannot load data from DynamoDB due to an attribute of type List<Object> which is not able to get unconverted and was saved using @DynamoDBDocument What are Pandas "expanding window" functions?

Recent Posts