📈
Development Docs - Java
  • Introduction
  • General
    • Compiling and running
    • Code Style
    • Operators
    • Control Flow
    • Inheritance
    • Enums
    • Manifest
    • Immutable and Unmodifiable
    • Regular Expression
    • Executable class
    • Text Formatting
  • Beans and Objects
    • Primitives
    • Variables
    • Java Beans
    • Serialization
    • Hashcode, equals and toString
  • Generics
    • General
    • Generic Methods
    • Bound Parameters
    • Wildcards
    • Type Erasure
    • Type Parameter Naming Conventions
  • Documentation
    • Comments
    • Javadoc
      • Code Example
  • Collections and Data Structures
    • Arrays
    • Iterable
    • Collection
    • List
    • Set
    • Queue
    • Stack
    • Map
  • Introspection
    • Properties
  • Errors and Exceptions
    • General
    • Catching Exceptions
    • Checked Exceptions
  • Functional
    • General
    • Interfaces
    • Function
    • Predicate
    • Consumer
    • Supplier
    • Method References
    • Lambdas
    • Streams
      • Common Operations
      • Searching for Values
      • Other Operations
      • Data Structure Transformations
  • Internationalization
    • General
    • Locale
    • Resource Bundle
    • Formatting
  • Java Bean Validation
    • Specification
    • Annotations
    • Validator
  • Utilities Classes
    • Libraries
    • Constants Class
    • Preconditions
    • Apache Commons
      • Strings
      • Dates
    • Guava
      • Preconditions
  • JPA
    • General
    • Logging
    • JPA Entities
    • Lifecycle
    • JPQL
    • Criteria API
  • HIBERNATE
    • Logging
      • Sessions
      • Statistics
      • Queries
      • Hibernate Properties
    • More Information
  • Ant
    • Scripts
    • Examples
      • Replace Version
      • Merge Files
      • Execute Command
  • LOGGING
    • SL4J
    • Log4j
      • Logging Levels
      • Formatted Messages
      • Templated Messages
      • Mapped Diagnostic Context
    • Hikari
  • Testing
    • Libraries
    • Junit
      • Setting Up Tests
        • JUnit 4 Tests
        • JUnit 5 Tests
      • Disable Tests
      • Test Lifecycle
      • Testing Exceptions
      • Display Name
      • Test Files
      • Extensions
        • Annotation Extension
    • Mockito
      • Mocking
      • Verify Calls
      • Throw Exceptions
      • Capture Arguments
  • KeyStore
    • Types
    • Generation
    • Certificates
    • Keys
    • Reading
  • Jackson
    • General
    • Deserialize
      • Dates
      • Enums
    • Object Hierarchy
    • Ignoring Data
    • Change Field Name
    • Mixin
  • Maven
    • Execution
      • Commands
      • Parameters
      • Building the Project
    • Deployments
      • Configuration
      • Deploying Web Projects Locally
      • Deploying Documentation
    • Tests
      • Deploying the WAR for Testing
    • Site
      • Setting Up
      • Reports
      • Theme
    • Maven Lifecycle
      • Binding Plugins to Phases
    • Dependency Management
      • Artifact Repositories
    • Maven Archetype
      • Testing Archetypes
    • Configuration
      • Project Setup
      • Maven Build Plugins
      • Profiles
        • Forcing an Active Profile
      • Default Properties
      • Parent POM
      • Settings File
      • Versions
      • Extensions
      • Setting Up the JAR
        • Attach Sources
        • Attach Javadocs
        • Manifest
    • JPA
      • Generating Metamodel
    • Frontend with Maven
      • WebJars
      • npm and Webpack
    • Continuous Integration
    • Ant
    • Executable JAR
  • Spring
    • General
    • SpEL
    • Files
    • Sending Mails
  • Spring Configuration
    • Profiles
    • Conditional Configuration
    • Properties Object
  • Spring Dependence Injection
    • Injections
      • Asking for a Specific Bean
    • Injecting Values
    • Injecting Multiple Instances
    • Interdependence
    • Component Scanning
  • Spring Beans
    • Initialization
    • Destruction
    • Extending Initialization
  • Spring Data
    • Configuration
      • Common Persistence Beans
      • Datasource
      • Persistence Providers
    • Repositories
      • Custom Repositories
      • Queries
      • Sorting and Paging
      • Example API
    • Transactional
      • Configuration
      • Annotation
      • Transaction Aspect
      • Transactional Test
  • Spring MVC
    • General
    • Setting Up a Web Application
    • Serving Resources
    • Securing URLS
    • Controllers
      • Mapping and Choosing Controller Methods
      • Mapping Controller Variables
      • Request Argument Validation
      • Controller Advices
    • Error Handling
    • Binding Configuration
    • Model Attributes
    • View Resolvers
    • Resolving Sort and Pageable Arguments
    • Logging
    • Validating Request Data
  • Spring WS
    • Examples
  • Spring Boot
    • General
    • Setting Up
    • Logging development info
    • Remote Debugging
  • Spring Security
    • Examples
    • Setting Up
      • Method Security
  • Spring AOP
    • More Information
    • Configuration
    • Aspect
    • Logging Aspect Example
  • Spring Cache
    • Configuration
  • Spring Integration
    • Gateway
    • Routing
    • Services
  • Testing Spring
    • Test configuration
    • Setting Up Junit
    • Conditional Tests
    • Initializing DB
    • Spring MVC
      • Setting Up the MVC Test Context
      • Request Path Testing
      • Testing JSON
      • Argument Resolvers
      • Response Status
  • JMeter
    • General
  • Neo4J
    • More Information
    • Cypher
    • Testing
  • JQAssistant
    • More Information
    • Maven Plugin
      • Git
      • Maven Dependencies
    • Queries
      • git
      • Tags
      • File Structure
      • Structure
      • Pruning
      • Maven
      • Controller
      • Detecting Problems
      • Persistence
    • Concepts
    • Constraints
    • Groups
    • Rules
      • Custom Rules
  • AspectJ
    • Wrapping Method
Powered by GitBook
On this page

Was this helpful?

  1. Spring MVC

Securing URLS

This will set up three access settings:

<http>
   <intercept-url pattern="/static/**" access="permitAll" />
   <intercept-url pattern="/login*" access="permitAll" />
   <intercept-url pattern="/**" access="isAuthenticated()" />
</http>

URL

Access control

/static/**

None. Everybody can access.

/login*

None. Everybody can access.

/**

Only authenticated users.

Note that the wildcard for authenticated URLs covers the other two. But as these are located before they will get a higher priority, and override the more restrictive control.

PreviousServing ResourcesNextControllers

Last updated 5 years ago

Was this helpful?