From 042588cb6e404a1035be99f99681a691a595329b Mon Sep 17 00:00:00 2001
From: andre00bejarano00vaca <andre.bejarano.vaca@gmail.com>
Date: Wed, 1 Oct 2025 18:08:45 -0400
Subject: [PATCH] un nuevo beans

---
 .../fercoganbackend/configuration/SecurityConfig.java     | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/example/fercoganbackend/configuration/SecurityConfig.java b/src/main/java/com/example/fercoganbackend/configuration/SecurityConfig.java
index e2d1407..92ff392 100644
--- a/src/main/java/com/example/fercoganbackend/configuration/SecurityConfig.java
+++ b/src/main/java/com/example/fercoganbackend/configuration/SecurityConfig.java
@@ -7,6 +7,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -31,13 +32,18 @@ public class SecurityConfig {
         return authConfig.getAuthenticationManager();
     }
 
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer() {
+        return (web) -> web.ignoring().requestMatchers("/ws/**");
+    }
+
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
                 .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers("/auth/**").permitAll()
-                        .requestMatchers("/favicon.ico", "/error", "/static/**","contador/**", "/api/**").permitAll()
+                        .requestMatchers("/favicon.ico", "/error", "/static/**","/contador/**", "/api/**").permitAll()
                         .requestMatchers("/ws/**").permitAll() // permitir WS sin auth
                         .requestMatchers("/admin/**").hasAnyAuthority("SUPER_USUARIO","ADMIN")
                         .anyRequest().authenticated()