https://kotlinlang.org logo
Join Slack
Powered by
Hi! I'm trying to replace spring security config w...
# spring
i
Hi! I'm trying to replace spring security config with new dsl:
Copy code
http.cors().configurationSource { CorsConfiguration().applyPermitDefaultValues() }
However MVC dsl for CORS doesn't contain an ability to set configuration source (
CorsDsl
). I can see that in WebFlux version (
ServerCorsDsl
) there is
Copy code
var configurationSource: CorsConfigurationSource? = null
Does anyone know why there is no such property for MVC?
j
That works for me just fine, using Spring Security 5.4.1 and Spring Boot 2.4.0
Alternatively, you can add a configuration bean in the context as follows and it will be picked up automatically:
Copy code
@Bean
fun corsConfigurationSource(): CorsConfigurationSource {
   //
}
i
I'm extending 
WebSecurityConfigurerAdapter()
and using spring-security-config 5.4.1. Are you using it the same way?
j
Yeah, pretty much. This is the essence of my code (although in reality I use the variant with an explicit 
@Bean
that exposes a 
CorsConfigurationSource
, but this compiles for me)
Copy code
@Configuration
class APISecurityConfig() : WebSecurityConfigurerAdapter() {

  override fun configure(http: HttpSecurity) {
        http
            .antMatcher("/api/**")
            .cors().configurationSource { CorsConfiguration().applyPermitDefaultValues() }.and()

       // ETC
}
i
But this is not a dsl, I'm trying to replace this configuration:
Copy code
http.cors().configurationSource { CorsConfiguration().applyPermitDefaultValues() }
with dsl:
Copy code
http {
  cors {
    //set configuration source here
  }
}
Sorry if my original question was written badly 🙂
j
Ah, right! Yeah, then you're on your own 🙂
24 Views
Open in Slack
PreviousNext
Powered by