From b92307d5641d11d7324c40930b8840c19eb3cfb1 Mon Sep 17 00:00:00 2001 From: Hyowon Yang Date: Thu, 30 Oct 2025 18:03:28 +0900 Subject: [PATCH] =?UTF-8?q?Analytics=20=EC=84=9C=EB=B9=84=EC=8A=A4=20?= =?UTF-8?q?=EC=9D=B8=EC=A6=9D=20=EC=A0=9C=EA=B1=B0=20-=20=EC=A0=84?= =?UTF-8?q?=EC=B2=B4=20=EC=A0=91=EA=B7=BC=20=ED=97=88=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - SecurityConfig를 content-service처럼 단순화 - 모든 요청에 대해 인증 없이 접근 가능하도록 변경 - Swagger UI 및 API 엔드포인트 접근 문제 해결 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .../com/kt/event/analytics/config/SecurityConfig.java | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java b/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java index 9ce8369..8820d17 100644 --- a/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java +++ b/analytics-service/src/main/java/com/kt/event/analytics/config/SecurityConfig.java @@ -39,16 +39,7 @@ public class SecurityConfig { .cors(cors -> cors.configurationSource(corsConfigurationSource())) .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests(auth -> auth - // Actuator endpoints - .requestMatchers("/actuator/**").permitAll() - // Swagger UI endpoints - .requestMatchers("/swagger-ui/**", "/swagger-ui.html", "/v3/api-docs/**", "/swagger-resources/**", "/webjars/**").permitAll() - // Health check - .requestMatchers("/health").permitAll() - // Analytics API endpoints (context-path 제거된 실제 경로) - .requestMatchers("/events/**", "/users/**").permitAll() - // All other requests require authentication - .anyRequest().authenticated() + .anyRequest().permitAll() ) .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class)