Java authorizeRequests().permitAll() not working

dennis2 · July 7, 2022, 10:43am

Using the code from the Quickstart guide and running into issues.

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				//.mvcMatchers(HttpMethod.GET, "/api/menu/items/**").permitAll() // GET requests don't need auth
				.mvcMatchers("/webhook/**")
				.permitAll() // Allow webhook calls
				.and()
				.authorizeRequests()
				.anyRequest()
				.authenticated()
				.and()
				.oauth2ResourceServer()
				.jwt()
				.decoder(jwtDecoder());
	}

My understanding is this should allow calls to /webhook to pass freely, but it’s not working as expected. My webhook calls are getting authenticated and throwing 401 errors. What’s wrong?

Topic		Replies	Views
Java Security Bug Help	2	2075	July 1, 2021
Why is the Spring Boot integration not working once deprecated APIs are upgraded? Help auth0-java , sdks-quickstarts	2	3494	November 1, 2024
500 Internal Server Error - Spring JWT Help jwt , api , spring-boot , spring-security	4	13165	May 8, 2020
Protected API allows GET requests through Help auth0 , api , spring-security	2	2435	April 8, 2022
Using Authorization with Spring Boot 3.0.2 Help auth0-java , sdks-quickstarts	0	340	May 13, 2024

Java authorizeRequests().permitAll() not working

Related Topics