From 3ddae8e63c31de73b7d2b832e119c46cbf4ca430 Mon Sep 17 00:00:00 2001 From: WonyuChoi Date: Wed, 11 Sep 2024 17:52:47 +0900 Subject: [PATCH] =?UTF-8?q?FLASH-259=20fix:=20=EC=88=9C=EC=B0=A8=EC=A0=81?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EC=97=AD=ED=95=A0=20=EA=B2=80=EC=82=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/first/flash/global/config/SecurityConfig.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/first/flash/global/config/SecurityConfig.java b/src/main/java/com/first/flash/global/config/SecurityConfig.java index b4094433..dac66138 100644 --- a/src/main/java/com/first/flash/global/config/SecurityConfig.java +++ b/src/main/java/com/first/flash/global/config/SecurityConfig.java @@ -48,9 +48,9 @@ public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception .authorizeHttpRequests(authorize -> authorize .requestMatchers(AUTH_WHITELIST).permitAll() .requestMatchers("/admin/**").hasRole("ADMIN") - .requestMatchers(HttpMethod.GET, "/**").hasRole("WEB") + .requestMatchers(HttpMethod.GET, "/**").hasAnyRole("ADMIN", "USER", "WEB") .requestMatchers("/**").hasAnyRole("ADMIN", "USER") - .anyRequest().denyAll() + .anyRequest().authenticated() ) .addFilterBefore(new JwtAuthFilter(tokenManager, userDetailsService), UsernamePasswordAuthenticationFilter.class)