Closed iipolovinkin closed 8 years ago
Any user can open http://127.0.0.1:8081/clients/2/ without authorization.
<http access-denied-page="/error403.jsp"> <intercept-url pattern="/home*" access="ROLE_USER,ROLE_ANONYMOUS"/> <intercept-url pattern="/clients*" access="ROLE_USER"/> <intercept-url pattern="/accounts*" access="ROLE_USER"/> <intercept-url pattern="/transactions*" access="ROLE_ADMIN"/> <intercept-url pattern="/admin_page*" access="ROLE_ADMIN"/> <form-login login-page="/login" default-target-url="/home" authentication-failure-url="/login.jsp?error=true"/> <logout logout-url="/logout" logout-success-url="/home"/> <anonymous username="guest" granted-authority="ROLE_ANONYMOUS"/> <remember-me/> </http>
Any user can open http://127.0.0.1:8081/clients/2/ without authorization.