@ -1,5 +1,5 @@
/ *
/ *
* Copyright 2012 - 201 7 the original author or authors .
* Copyright 2012 - 201 8 the original author or authors .
*
*
* Licensed under the Apache License , Version 2.0 ( the "License" ) ;
* Licensed under the Apache License , Version 2.0 ( the "License" ) ;
* you may not use this file except in compliance with the License .
* you may not use this file except in compliance with the License .
@ -180,9 +180,9 @@ public class SpringBootWebSecurityConfigurationTests {
. postForEntity ( "http://localhost:" + port + "/" , form , Object . class ) ;
. postForEntity ( "http://localhost:" + port + "/" , form , Object . class ) ;
assertThat ( result . getStatusCode ( ) ) . isEqualTo ( HttpStatus . FORBIDDEN ) ;
assertThat ( result . getStatusCode ( ) ) . isEqualTo ( HttpStatus . FORBIDDEN ) ;
// override method with GET
// override method with DELETE
form = new LinkedMultiValueMap < String , String > ( ) ;
form = new LinkedMultiValueMap < String , String > ( ) ;
form . add ( "_method" , " GET ") ;
form . add ( "_method" , " DELETE ") ;
result = rest . postForEntity ( "http://localhost:" + port + "/" , form , Object . class ) ;
result = rest . postForEntity ( "http://localhost:" + port + "/" , form , Object . class ) ;
assertThat ( result . getStatusCode ( ) ) . isEqualTo ( HttpStatus . NOT_FOUND ) ;
assertThat ( result . getStatusCode ( ) ) . isEqualTo ( HttpStatus . NOT_FOUND ) ;
@ -337,7 +337,8 @@ public class SpringBootWebSecurityConfigurationTests {
@Override
@Override
protected void configure ( HttpSecurity http ) throws Exception {
protected void configure ( HttpSecurity http ) throws Exception {
http . authorizeRequests ( ) . antMatchers ( HttpMethod . POST , "/**" ) . denyAll ( ) ;
http . authorizeRequests ( ) . mvcMatchers ( HttpMethod . POST , "/**" ) . denyAll ( ) . and ( )
. csrf ( ) . disable ( ) ;
}
}
}
}