admin管理员组

文章数量:1344238

I have a Spring Boot-GraphQL application. I have some GraphQL endpoints in a controller. By using SecurityFilterChain, All the incoming requests must be authenticated. It works very well. My question is: How can I configure one of the GraphQL endpoints to be accessible without authentication? In REST controllers, this can be done by adding the endpoint URL to requestMatchers("/**").permitAll();. As far as I know, GraphQL endpoints do not have a feature that allows referencing them by a URL.

I would like this method to be accessible to all requests:

@QueryMapping
public List<Product> getAllProducts() {

    return productService.getAllProducts();
}

I appreciate your helps

I have a Spring Boot-GraphQL application. I have some GraphQL endpoints in a controller. By using SecurityFilterChain, All the incoming requests must be authenticated. It works very well. My question is: How can I configure one of the GraphQL endpoints to be accessible without authentication? In REST controllers, this can be done by adding the endpoint URL to requestMatchers("/**").permitAll();. As far as I know, GraphQL endpoints do not have a feature that allows referencing them by a URL.

I would like this method to be accessible to all requests:

@QueryMapping
public List<Product> getAllProducts() {

    return productService.getAllProducts();
}

I appreciate your helps

  • spring
  • spring-boot
  • spring-security
  • graphql
Share Improve this question edited 5 hours ago kake.38 asked 6 hours ago kake.38kake.38 216 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 1

I found a way to solve it.

I permitted all requests to come in, In the security configuration class. Then annotated all the methods by @PreAuthorize("isAuthenticated()") which need to be protected. Then the method that should be accessible without authentication , Left it without adding the mentioned annotation.

本文标签: Security of GraphQL endpoints in Spring BootStack Overflow

版权声明:本文标题:Security of GraphQL endpoints in Spring Boot - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743741564a2530988.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。