Spring security AntMatcher is not working

Question

This is the way I have configured spring security, in controller I\'m getting ROLE_ANONYMOUS as authority. Looks like security is not intercepting the request and checking for J

Answer 1

What version of spring-boot and spring-security are you using?

The @EnableResourceServer annotation adds a filter of type OAuth2AuthenticationProcessingFilter automatically to the Spring Security filter chain.

So to your "extends ResourceServerConfigurerAdapter" be applyed before the OAuth2AuthenticationProcessingFilter, you'll need to annotate it with @Order (-1)

@Configuration
@EnableResourceServer
@Order(-1)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter{
[...]