29a6bc74620d7ee491d6ff393d8a058dc5ae7f67,src/main/java/ch/rasc/s4ws/portfolio/config/WebSecurityConfig.java,WebSecurityConfig,configure,#HttpSecurity#,31

Before Change


	protected void configure(HttpSecurity http) throws Exception {
		//@formatter:off
		http
		    .csrf().disable()
			.authorizeRequests()
				.antMatchers("/portfoliodemo/login.css").permitAll()
				.antMatchers("/portfoliodemo/**").authenticated()
				.and()

After Change


	protected void configure(HttpSecurity http) throws Exception {
		//@formatter:off
		http
		.csrf().disable()
		// See https://jira.springsource.org/browse/SPR-11496
		.headers().addHeaderWriter(
				new XFrameOptionsHeaderWriter(
						XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN))
	        .and()

		.formLogin()
			.defaultSuccessUrl("/portfoliodemo/index.html")
			.loginPage("/portfoliodemo/login.html")
			.failureUrl("/portfoliodemo/login.html?error")
			.permitAll()
			.and()
		.logout()
			.logoutSuccessUrl("/portfoliodemo/login.html?logout")
			.logoutUrl("/portfoliodemo/logout.html")
			.permitAll()