Allow access to the /error page

- permit access to /error to fix auth issues
  related to the user loosing his authentication
  before being redirected to the error page

Issue-ID: SO-4188
Change-Id: Iae17a7a8a2f8f12974c5b0fea7208c53244d94db
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>

diff --git a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
index da989ee..7c04580 100644 (file)
--- a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
+++ b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
@@ -5,15 +5,15 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
- * 
+ *
  * SPDX-License-Identifier: Apache-2.0
  * ============LICENSE_END=========================================================
  */
@@ -36,7 +36,7 @@ public class SoBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
 
     @Override
     public void configure(final HttpSecurity http) throws Exception {
-        http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+        http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info", "/error").permitAll()
                 .antMatchers("/**")
                 .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ","))
                 .and().httpBasic();