some comments

dsmf · dsmf · commit 86180e9062cc · 2016-06-30T23:47:44.000+02:00
diff --git a/src/main/java/de/doubleslash/example/springboot/MySecurityConfigurer.java b/src/main/java/de/doubleslash/example/springboot/MySecurityConfigurer.java
@@ -39,10 +39,13 @@ public static class BasicAuthAdminForDevFunctionality extends WebSecurityConfigu
       protected void configure(final HttpSecurity http) throws Exception {
          http.antMatcher("/h2-console/**").authorizeRequests().anyRequest().permitAll();
 
+         // CSRF Prüfung für H2 Konsole deaktivieren, ok, da wir diese nur während der Entwicklung brauchen...
+         // Ansonsten: There was an unexpected error (type=Forbidden, status=403).
+         // Expected CSRF token not found. Has your session expired?
          http.csrf().disable();
+         // ebenso Frame Options...
          http.headers().frameOptions().disable();
-         // There was an unexpected error (type=Forbidden, status=403).
-         // Expected CSRF token not found. Has your session expired?
+
       }
 
    }
diff --git a/src/main/java/de/doubleslash/example/springboot/UserInit.java b/src/main/java/de/doubleslash/example/springboot/UserInit.java
@@ -15,7 +15,8 @@ public class UserInit implements CommandLineRunner {
    public void run(final String... args) throws Exception {
       final User user1 = new User("user1",
             // Passwort hashen
-            new BCryptPasswordEncoder().encode("bootifulPassword"), true, new Role("USER"));
+            new BCryptPasswordEncoder().encode("bootifulPassword"), //
+            true, new Role("USER"));
       userRepo.save(user1);
    }
 

Original file line number	Diff line number	Diff line change
`@@ -39,10 +39,13 @@ public static class BasicAuthAdminForDevFunctionality extends WebSecurityConfigu`
`39`	`39`	`protected void configure(final HttpSecurity http) throws Exception {`
`40`	`40`	`http.antMatcher("/h2-console/**").authorizeRequests().anyRequest().permitAll();`
`41`	`41`
	`42`	`+ // CSRF Prüfung für H2 Konsole deaktivieren, ok, da wir diese nur während der Entwicklung brauchen...`
	`43`	`+ // Ansonsten: There was an unexpected error (type=Forbidden, status=403).`
	`44`	`+ // Expected CSRF token not found. Has your session expired?`
`42`	`45`	`http.csrf().disable();`
	`46`	`+ // ebenso Frame Options...`
`43`	`47`	`http.headers().frameOptions().disable();`
`44`		`- // There was an unexpected error (type=Forbidden, status=403).`
`45`		`- // Expected CSRF token not found. Has your session expired?`
	`48`	`+`
`46`	`49`	`}`
`47`	`50`
`48`	`51`	`}`
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,8 @@ public class UserInit implements CommandLineRunner {`
`15`	`15`	`public void run(final String... args) throws Exception {`
`16`	`16`	`final User user1 = new User("user1",`
`17`	`17`	`// Passwort hashen`
`18`		`- new BCryptPasswordEncoder().encode("bootifulPassword"), true, new Role("USER"));`
	`18`	`+ new BCryptPasswordEncoder().encode("bootifulPassword"), //`
	`19`	`+ true, new Role("USER"));`
`19`	`20`	`userRepo.save(user1);`
`20`	`21`	`}`
`21`	`22`