Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

permitAll() Not effective #8

Closed
Vengxf opened this issue Jan 17, 2023 · 3 comments · May be fixed by #27
Closed

permitAll() Not effective #8

Vengxf opened this issue Jan 17, 2023 · 3 comments · May be fixed by #27

Comments

@Vengxf
Copy link

Vengxf commented Jan 17, 2023

permitAll url Not effective ; also can be filter by JwtAuthenticationFilter
@ali-bouali
Copy link
Owner

can you give more details?
the issue is not clear

@nekitbr nekitbr mentioned this issue Apr 27, 2023
Open
@morsalins
Copy link

morsalins commented Jun 6, 2023
edited
Loading

permitAll url Not effective ; also can be filter by JwtAuthenticationFilter

If you want to avoid JwtAuthenticationFilter on specific url, you can just Override shouldNotFilter method from OncePerRequestFilter. It is cleaner than checking those urls in doFilterInternal method.

For example:

@Component
public class JwtAuthenticationFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request,
                                    HttpServletResponse response,
                                    FilterChain filterChain) throws ServletException, IOException {
        // implement your filtering logic
    }

    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
        return request.getServletPath().equals("/login");
    }
}

It returns a boolean, so you can check multiple urls, which you don't want to pass out from this filters.

@ali-bouali
Copy link
Owner

@morsalins thank you for suggestion.
Issue fixed by @morsalins

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Refactor guest routes nekitbr/spring-boot-3-jwt-security
3 participants
@morsalins @ali-bouali @Vengxf