From 9d3c532a69921d8920d58f093261d10134733d1c Mon Sep 17 00:00:00 2001
From: twilight0620 <liuhuiling4@huawei.com>
Date: Fri, 15 Jul 2022 15:49:11 +0800
Subject: [PATCH] =?UTF-8?q?=E5=9B=9E=E9=80=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../website/config/ClientWebSecurityConfigurer.java      | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
index 1cba339..1b9564a 100644
--- a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
+++ b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
@@ -90,14 +90,7 @@ public class ClientWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
     public void configure(final HttpSecurity http) throws Exception {
         http.headers().frameOptions().disable();
 
-        http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
-                @Override
-                public <O extends FilterSecurityInterceptor> O postProcess(O object) {
-                    LOGGER.info("postProcess setAlwaysReauthenticate true.");
-                    object.setAlwaysReauthenticate(true);
-                    return object;
-                }
-            }).antMatchers("/login", "/auth/logout").permitAll()
+        http.authorizeRequests().antMatchers("/login", "/auth/logout").permitAll()
             // this api will be used by health-check service, so permit all roles to get mec host list in v1.2
             .antMatchers(HttpMethod.GET, "/mecm-inventory/inventory/v1/mechosts").permitAll()
             .antMatchers(HttpMethod.GET, "/health").permitAll().antMatchers("/webssh").permitAll()
-- 
Gitee