AuthenticationEntryPoint triggers even if authorization is successfully passed, when I try to go to an endpoint that does not exist. How do I make it go to a 404 page?
This is my Spring Security configuration
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http
.cors().and()
.csrf().disable()
.exceptionHandling()
.authenticationEntryPoint(customAuthenticationEntryPoint()).and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeHttpRequests()
.requestMatchers("/api/auth/**").permitAll()
.anyRequest().authenticated().and()
.addFilterBefore(jwtTokenFilter, UsernamePasswordAuthenticationFilter.class)
.build();
}
You need to allow all requests to the /error path.
.requestMatchers("/error").permitAll()