I would like to add (temporary) basic authentication before website is shown. I try to add this http before normal form login.
<http pattern="/**" use-expressions="true" authentication-manager-ref="basicAuthManager">
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<http-basic />
</http>
<http auto-config="true" use-expressions="true">
...
<form-login .../>
</http>
But I have exception:
A universal match pattern ('/**') is defined before other patterns in the filter chain,
causing them to be ignored. Please check the ordering in your <security:http>
namespace or FilterChainProxy bean configuration
Is it possible to do what I want?
Aucun commentaire:
Enregistrer un commentaire