diff --git a/pom.xml b/pom.xml
index 1dc4949..eb35631 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,7 +11,7 @@
ca.levimiller
sms-bridge
- 0.2.1
+ 0.2.2
sms-bridge
Sms Bridge for Matrix
diff --git a/src/main/java/ca/levimiller/smsbridge/security/WebSecurityConfig.java b/src/main/java/ca/levimiller/smsbridge/security/WebSecurityConfig.java
index 68e9316..a329549 100644
--- a/src/main/java/ca/levimiller/smsbridge/security/WebSecurityConfig.java
+++ b/src/main/java/ca/levimiller/smsbridge/security/WebSecurityConfig.java
@@ -9,10 +9,11 @@
import org.springframework.core.Ordered;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
@Configuration
+@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final Filter twilioAuthenticationFilter;
@@ -36,19 +37,21 @@ public void configure(WebSecurity web) {
@Override
protected void configure(HttpSecurity http) throws Exception {
// No need for csrf between back end servers. (no cookies/basic auth)
- http.csrf()
- .ignoringAntMatchers("/matrix/**", "/attachment/**", "/twilio/**");
-
- http.antMatcher("/attachment/**")
- .addFilterAfter(twilioAuthenticationFilter, AnonymousAuthenticationFilter.class);
-
- http.antMatcher("/twilio/**")
- .addFilterAfter(twilioAuthenticationFilter, AnonymousAuthenticationFilter.class);
- http.authorizeRequests()
- .antMatchers("/twilio/**")
- .authenticated()
+ http.csrf()
+ .ignoringAntMatchers("/matrix/**", "/attachment/**", "/twilio/**")
.and()
- .httpBasic();
+ .authorizeRequests()
+ .antMatchers("/matrix/**", "/attachment/**", "/twilio/**")
+ .permitAll();
+ }
+
+ @Bean
+ FilterRegistrationBean twilioFilterRegistration() {
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(twilioAuthenticationFilter);
+ registrationBean.addUrlPatterns("/attachment/*", "/twilio/*");
+ registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE); //set precedence
+ return registrationBean;
}
}