Endpoints aren't protected.
badripaudel77 opened this issue · comments
Badri Paudel commented
locahost:port/user
is protected but locahost:port/user/
(with one / ) isn't protected. I am also facing same issue and he seems to have the same issue though. Similar for other endpoints as well.
shanesreal commented
According to spring docs you should be using:
.antMatcher("/user/**")
or
.antMatcher("/admin/**")
instead of
.antMatcher("/user")
to secure your api endpoints.