From b3023172af79ba6845196d1cc6617c51e816b2e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Wacongne?= Date: Thu, 21 Nov 2024 14:52:41 -1000 Subject: [PATCH] Update README.MD --- spring-addons-starter-oidc/README.MD | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spring-addons-starter-oidc/README.MD b/spring-addons-starter-oidc/README.MD index 98715e0b7..8802ce95e 100644 --- a/spring-addons-starter-oidc/README.MD +++ b/spring-addons-starter-oidc/README.MD @@ -260,9 +260,9 @@ This filter-chain is configured with the following defaults: - the security-matcher in the conf is applied - stateful (session and CSRF protection enabled) - oauth2Login -- RP-Initiated Logout -- CORS disabled (as a reminder, `cors` properties configure a global filter) -- anonymous access allowed to pre-flight requests as well as all requests with a path matching an entry in `permit-all`; all others requests requiring a valid authentication +- disabled RP-Initiated Logout +- disabled CORS (as a reminder, `cors` properties configure a global filter) +- allowed anonymous access to pre-flight requests and to all requests with a path matching an entry in `permit-all`; all others requests requiring a valid authentication #### 1.2.2. Setting a Base URI for the Client Authorization-code flow and RP-Initiated Logout involve some redirection to the authorization server and then back to the client.