This security configuration:
|
.antMatchers("/", "/favicon.ico", "/resources/**", "/signup").permitAll() |
In conjunction with this configuration for DefaultServletHandler:
Causes an error when accessing http://localhost:8080/ if the user is not logged in.
Removing "/" from the list of allowed urls in the security config would be, IMHO, more consistent as it would redirect the user to the login form.
This security configuration:
thymeleafexamples-layouts/src/main/java/thymeleafexamples/layouts/config/SecurityConfig.java
Line 48 in 602052c
In conjunction with this configuration for DefaultServletHandler:
thymeleafexamples-layouts/src/main/java/thymeleafexamples/layouts/config/WebMvcConfig.java
Line 95 in 602052c
Causes an error when accessing http://localhost:8080/ if the user is not logged in.
Removing "/" from the list of allowed urls in the security config would be, IMHO, more consistent as it would redirect the user to the login form.