ai.nervemind.app.config.SecurityConfig

@Configuration @EnableWebSecurity public class SecurityConfig extends Object

Security configuration for the NerveMind application.

This configuration enables HTTP Basic authentication for the application while allowing unrestricted access to the H2 database console for development purposes.

Local-first default: Allowing /h2-console/** as permitAll() is intentional for desktop/local usage. For shared or network-accessible deployments, this should be hardened (disable H2 console or require authentication).

Constructor Summary

Constructors

Constructor

Description

SecurityConfig()
Method Summary

Modifier and Type

Method

Description

org.springframework.security.web.SecurityFilterChain

filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

Configures the security filter chain.

Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- SecurityConfig
  
  public SecurityConfig()
Method Details
- filterChain
  
  @Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
  
  Configures the security filter chain.
  
  Parameters:
  
  http - the HTTP security configuration
  
  Returns:
  
  the configured security filter chain
  
  Throws:
  
  Exception - if configuration fails

Class SecurityConfig

Constructor Summary

Method Summary

Methods inherited from class Object

Constructor Details

SecurityConfig

Method Details

filterChain