java.lang.IllegalStateException: Can't configure anyRequest after itself
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.headers().frameOptions().disable()
.and()
.authorizeRequests(request->
request.antMatchers("/**").permitAll()
.anyRequest().authenticated()
)
.formLogin(login->
login.loginPage("/users/account")
.loginProcessingUrl("/users/account/login")
.defaultSuccessUrl("/", false)
.failureUrl("/users/account/login-error")
)
.logout(logout->
logout.logoutUrl("/users/account/logout")
.logoutSuccessUrl("/")
)
.exceptionHandling(error->
error.accessDeniedPage("/users/account")
)
.oauth2Login(oauth->
oauth.userInfoEndpoint()
.userService(customOAuth2UserService)
)
;
super.configure(http);
}
재정의된 configure(http)
method 에서 이미 .authorizeRequests().anyRequest().authenticated()
를 호출하고 있기 때문에 security configuration 설정을 커스텀할 때는 super.configure(http)
를 또 호출하면 오류가 발생한다.
configure(http) 메서드의 super.configure(http)
를 지운다.