Update SecurityConfig.java

krtksharma · web-flow · commit 0cd9d6ffdadc · 2026-03-26T22:04:04.000+05:30
diff --git a/src/main/java/com/cognizant/config/SecurityConfig.java b/src/main/java/com/cognizant/config/SecurityConfig.java
@@ -16,18 +16,7 @@
 
 import java.util.List;
 
-/**
- * Spring Security configuration.
- * - Stateless JWT auth (no sessions)
- * - Public routes: /api/users/login, /api/users/register
- * - Everything else requires a valid JWT
- *
- * Add to pom.xml:
- *   <dependency>
- *     <groupId>org.springframework.boot</groupId>
- *     <artifactId>spring-boot-starter-security</artifactId>
- *   </dependency>
- */
+
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
@@ -49,6 +38,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .requestMatchers("/api/users/login").permitAll()
                 .requestMatchers("/api/users/register").permitAll()
                 .requestMatchers("/api/attachments/download/**").permitAll()
+                .requestMatchers(HttpMethod.POST, "/api/defects/*/attachments").permitAll() 
                 .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll()
 
                 // Role-specific routes
