my config
//
public static
void contributeSecurityConfiguration(ConfigurationSecurityFilterChain
configuration,
SecurityFilterChainFactory factory) {
configuration.add(factory.createChain(/channel/**).add(factory.roles(),
manager).build());
}
if user does not have the manager role,request will
I had this exact problem. The reason turned out was that the authorization
filter was not setting the the url. To fix this I overrode the
SecurityFilterChainFactory service:
In your app module do:
public static void bind(ServiceBinder binder)
{
//override