Open oscararias opened 6 years ago
This security configuration:
https://github.com/thymeleaf/thymeleafexamples-layouts/blob/602052c420fb1d016b09676365941e69a9224229/src/main/java/thymeleafexamples/layouts/config/SecurityConfig.java#L48
In conjunction with this configuration for DefaultServletHandler:
https://github.com/thymeleaf/thymeleafexamples-layouts/blob/602052c420fb1d016b09676365941e69a9224229/src/main/java/thymeleafexamples/layouts/config/WebMvcConfig.java#L95
Causes an error when accessing http://localhost:8080/ if the user is not logged in.
Removing "/" from the list of allowed urls in the security config would be, IMHO, more consistent as it would redirect the user to the login form.
This security configuration:
https://github.com/thymeleaf/thymeleafexamples-layouts/blob/602052c420fb1d016b09676365941e69a9224229/src/main/java/thymeleafexamples/layouts/config/SecurityConfig.java#L48
In conjunction with this configuration for DefaultServletHandler:
https://github.com/thymeleaf/thymeleafexamples-layouts/blob/602052c420fb1d016b09676365941e69a9224229/src/main/java/thymeleafexamples/layouts/config/WebMvcConfig.java#L95
Causes an error when accessing http://localhost:8080/ if the user is not logged in.
Removing "/" from the list of allowed urls in the security config would be, IMHO, more consistent as it would redirect the user to the login form.