29a6bc74620d7ee491d6ff393d8a058dc5ae7f67,src/main/java/ch/rasc/s4ws/portfolio/config/WebSecurityConfig.java,WebSecurityConfig,configure,#HttpSecurity#,31
Before Change
protected void configure(HttpSecurity http) throws Exception {
//@formatter:off
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/portfoliodemo/login.css").permitAll()
.antMatchers("/portfoliodemo/**").authenticated()
.and()
After Change
protected void configure(HttpSecurity http) throws Exception {
//@formatter:off
http
.csrf().disable()
// See https://jira.springsource.org/browse/SPR-11496
.headers().addHeaderWriter(
new XFrameOptionsHeaderWriter(
XFrameOptionsHeaderWriter.XFrameOptionsMode.SAMEORIGIN))
.and()
.formLogin()
.defaultSuccessUrl("/portfoliodemo/index.html")
.loginPage("/portfoliodemo/login.html")
.failureUrl("/portfoliodemo/login.html?error")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/portfoliodemo/login.html?logout")
.logoutUrl("/portfoliodemo/logout.html")
.permitAll()