zxsdfghjk,
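@Configuration
@EnableWebSecurity
public class SecurityConfig {

    /**
     * Paths reachable without a JWT. Everything else requires an authenticated request.
     *
     * NOTE(review): "/v1/card-bin-mapping/uploadCardBinMapping" is an upload endpoint and
     * "/v1/card-bin-mapping/getByBin" exposes lookups, yet both are anonymous here; confirm
     * that is intended rather than an oversight. The swagger / api-docs entries expose the
     * API surface to anyone and are usually restricted outside dev environments.
     */
    private static final String[] PUBLIC_PATHS = {
        "/v1/auth/**",
        "/v1/card-bin-mapping/getByBin",
        "/v1/card-bin-mapping/uploadCardBinMapping",
        "/swagger-ui.html",
        "/swagger-ui/**",
        "/api-docs/**",
        "/swagger-resources/**",
        "/webjars/**"
    };

    private final JwtUtil jwtUtil;
    // Was non-final and never read in the original; it is now wired into cors() below.
    private final CorsConfigurationSource corsConfigurationSource;

    public SecurityConfig(JwtUtil jwtUtil, CorsConfigurationSource corsConfigurationSource) {
        this.jwtUtil = jwtUtil;
        this.corsConfigurationSource = corsConfigurationSource;
    }

    /**
     * Builds the application's single security filter chain: stateless JWT authentication,
     * an allow-list of anonymous paths, and a fixed set of hardening response headers.
     *
     * @param http the builder supplied by Spring Security
     * @return the configured {@link SecurityFilterChain}
     * @throws Exception propagated from {@link HttpSecurity#build()}
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // CSRF is off because the chain is STATELESS and authenticates via JWT. That is only
            // safe while the token travels in a request header, not a cookie — confirm against
            // JwtAuthenticationFilter; a cookie-borne token would need CSRF protection back.
            .csrf(csrf -> csrf.disable())
            // Use the injected source explicitly instead of relying on the default bean-name lookup.
            .cors(cors -> cors.configurationSource(corsConfigurationSource))
            .authorizeHttpRequests(authz -> authz
                .requestMatchers(PUBLIC_PATHS).permitAll()
                .anyRequest().authenticated())
            .headers(headers -> headers
                // defaultsDisabled() removes every default writer, including X-Content-Type-Options
                // and X-Frame-Options; the original only re-added HSTS, so those two are restored here.
                // (Cache-Control is also dropped by defaultsDisabled(); consider re-enabling it for
                // authenticated responses if the API returns sensitive data.)
                .defaultsDisabled()
                .contentTypeOptions(Customizer.withDefaults())
                .frameOptions(frame -> frame.deny())
                .addHeaderWriter(new StaticHeadersWriter("Content-Security-Policy", "default-src 'self';"))
                // Expect-CT is deprecated and ignored by current browsers; kept for parity, safe to drop.
                .addHeaderWriter(new StaticHeadersWriter("Expect-CT", "max-age=3600, enforce"))
                // NOTE(review): Spring emits HSTS only on requests it considers secure; behind a
                // TLS-terminating proxy this presumably needs forwarded-header handling — confirm.
                .httpStrictTransportSecurity(hsts -> hsts
                    .includeSubDomains(true)
                    .maxAgeInSeconds(31536000)
                    .preload(true))
                .addHeaderWriter(new StaticHeadersWriter("Referrer-Policy", "strict-origin-when-cross-origin"))
                .addHeaderWriter(new StaticHeadersWriter("Permissions-Policy",
                    "geolocation=(), microphone=(), camera=(), interest-cohort=()")))
            // No HTTP session is ever created; every request must carry its own credentials.
            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            // Both custom filters are anchored before the form-login filter, registered in this order.
            .addFilterBefore(new HiddenRequestFilter(), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(new JwtAuthenticationFilter(jwtUtil), UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }
}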

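@Configuration
@EnableWebSecurity
public class SecurityConfig {

    /**
     * Paths reachable without a JWT. Everything else requires an authenticated request.
     *
     * NOTE(review): "/v1/card-bin-mapping/uploadCardBinMapping" is an upload endpoint and
     * "/v1/card-bin-mapping/getByBin" exposes lookups, yet both are anonymous here; confirm
     * that is intended rather than an oversight. The swagger / api-docs entries expose the
     * API surface to anyone and are usually restricted outside dev environments.
     */
    private static final String[] PUBLIC_PATHS = {
        "/v1/auth/**",
        "/v1/card-bin-mapping/getByBin",
        "/v1/card-bin-mapping/uploadCardBinMapping",
        "/swagger-ui.html",
        "/swagger-ui/**",
        "/api-docs/**",
        "/swagger-resources/**",
        "/webjars/**"
    };

    private final JwtUtil jwtUtil;
    // Was non-final and never read in the original; it is now wired into cors() below.
    private final CorsConfigurationSource corsConfigurationSource;

    public SecurityConfig(JwtUtil jwtUtil, CorsConfigurationSource corsConfigurationSource) {
        this.jwtUtil = jwtUtil;
        this.corsConfigurationSource = corsConfigurationSource;
    }

    /**
     * Builds the application's single security filter chain: stateless JWT authentication,
     * an allow-list of anonymous paths, and a fixed set of hardening response headers.
     *
     * @param http the builder supplied by Spring Security
     * @return the configured {@link SecurityFilterChain}
     * @throws Exception propagated from {@link HttpSecurity#build()}
     */
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // CSRF is off because the chain is STATELESS and authenticates via JWT. That is only
            // safe while the token travels in a request header, not a cookie — confirm against
            // JwtAuthenticationFilter; a cookie-borne token would need CSRF protection back.
            .csrf(csrf -> csrf.disable())
            // Use the injected source explicitly instead of relying on the default bean-name lookup.
            .cors(cors -> cors.configurationSource(corsConfigurationSource))
            .authorizeHttpRequests(authz -> authz
                .requestMatchers(PUBLIC_PATHS).permitAll()
                .anyRequest().authenticated())
            .headers(headers -> headers
                // defaultsDisabled() removes every default writer, including X-Content-Type-Options
                // and X-Frame-Options; the original only re-added HSTS, so those two are restored here.
                // (Cache-Control is also dropped by defaultsDisabled(); consider re-enabling it for
                // authenticated responses if the API returns sensitive data.)
                .defaultsDisabled()
                .contentTypeOptions(Customizer.withDefaults())
                .frameOptions(frame -> frame.deny())
                .addHeaderWriter(new StaticHeadersWriter("Content-Security-Policy", "default-src 'self';"))
                // Expect-CT is deprecated and ignored by current browsers; kept for parity, safe to drop.
                .addHeaderWriter(new StaticHeadersWriter("Expect-CT", "max-age=3600, enforce"))
                // NOTE(review): Spring emits HSTS only on requests it considers secure; behind a
                // TLS-terminating proxy this presumably needs forwarded-header handling — confirm.
                .httpStrictTransportSecurity(hsts -> hsts
                    .includeSubDomains(true)
                    .maxAgeInSeconds(31536000)
                    .preload(true))
                .addHeaderWriter(new StaticHeadersWriter("Referrer-Policy", "strict-origin-when-cross-origin"))
                .addHeaderWriter(new StaticHeadersWriter("Permissions-Policy",
                    "geolocation=(), microphone=(), camera=(), interest-cohort=()")))
            // No HTTP session is ever created; every request must carry its own credentials.
            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            // Both custom filters are anchored before the form-login filter, registered in this order.
            .addFilterBefore(new HiddenRequestFilter(), UsernamePasswordAuthenticationFilter.class)
            .addFilterBefore(new JwtAuthenticationFilter(jwtUtil), UsernamePasswordAuthenticationFilter.class);
        return http.build();
    }
}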