Announcement Announcement Module
Collapse
No announcement yet.
intercept-url config doesn't work properly when 'anonymous' authentication disabled Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • intercept-url config doesn't work properly when 'anonymous' authentication disabled

    Hi,
    I am trying to give GET access to to few URIs with 'permitAll' but this doesn't work when I disable 'anonymous' authentication. I am using spring-security 3.1.
    To make it clear below config works:
    <security:anonymous enabled="true"/>....
    <security:intercept-url pattern="/service/abc/**" access="permitAll" method="GET"/>
    <security:intercept-url pattern="/**" access="isFullyAuthenticated()" />

    I can access ../service/abc/* (GET req) without Login into application.

    However when I change to <security:anonymous enabled="false"/>....
    I always get redirected to login page for ../service/abc/* (GET req) .
    Could someone please help and guide if I am missing something.

    To add further, I need to disable anonymous authentication so that I can use spring-secuirty-oauth for facebook login.

    Thanks,
    Pravin
Working...
X