diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jSpringSecurityConfig.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jSpringSecurityConfig.java index f3c64ec4a..a27b6265a 100644 --- a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jSpringSecurityConfig.java +++ b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jSpringSecurityConfig.java @@ -71,7 +71,9 @@ public AuditorAware pac4jAuditorAware() { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http.authorizeHttpRequests().requestMatchers(new AntPathRequestMatcher("/unsecured/**/*"), - new AntPathRequestMatcher("/entities/**/*"), + new AntPathRequestMatcher("/entities*"), + new AntPathRequestMatcher("/entities/*"), + new AntPathRequestMatcher("/entities/**"), new AntPathRequestMatcher("/favicon.ico"), new AntPathRequestMatcher("/assets/**/*.png"), new AntPathRequestMatcher("/static/**/*"), @@ -127,7 +129,9 @@ public WebSecurityCustomizer webSecurityCustomizer() { firewall.setAllowSemicolon(true); return (web) -> web.ignoring().requestMatchers(new AntPathRequestMatcher("/unsecured/**/*"), - new AntPathRequestMatcher("/entities/**/*"), + new AntPathRequestMatcher("/entities*"), + new AntPathRequestMatcher("/entities/*"), + new AntPathRequestMatcher("/entities/**"), new AntPathRequestMatcher("/favicon.ico"), new AntPathRequestMatcher("/assets/**/*.png"), new AntPathRequestMatcher("/static/**/*"),