Spring security: how to ignore some paths

Here is the way to configure Spring Security to tell him to ignore some paths. It could be useful when you need to have public APIs or make static resources public.

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	
	@Override
 	public void configure(WebSecurity web) throws Exception {
 		web.ignoring().antMatchers("/static/**");
 	}
}

Spring boot: 1.3.3.RELEASE
Spring Security: 4.0.3.RELEASE

Spring: Getting HTTP 406 from a REST controller

You may get a HTTP 406 Inacceptable error while trying to return Java objects from a REST controller.

The server is not able to handle your request because the HTTP header “Accept” does not match with any of the content types he can handle.
In fact, the server might be unable to deliver the response in whatever content-type, some piece of configuration is missing in your project.

Continue reading