Spring Security blocks framing by default.
Change-Id: I51a1fa31599a55196675fe505f6c47696af40b6d
Signed-off-by: Lott, Christopher (cl778h) <cl778h@att.com>
* Add custom (plain but not white-label) error page
* Synch A1 method paths in front-end and back-end
* Add xapp dynamic configuration feature
+* Disable x-frame-options response header
Version 1.0.5, 5 July 2019
--------------------------
logger.debug("configure: portalapi.username {}", userName);
// A chain of ".and()" always baffles me
http.authorizeRequests().anyRequest().authenticated();
+ http.headers().frameOptions().disable();
http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
http.addFilterBefore(portalAuthenticationFilterBean(), BasicAuthenticationFilter.class);
}