Spring Security : Multiple HTTP Config not working

Question

I am trying to use Spring Security and I have a use case where I want different login pages and different set of URLs to be secured.

Here is my configuration:

<

Answer 1

Your first WebSecurityConfigurerAdapter's

http
            .authorizeRequests()

matches all the URLs, limit it to only URLs start with /admin by using antMatcher:

@Configuration
@Order(1)
public static class ProviderSecurity extends WebSecurityConfigurerAdapter{
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .antMatcher("/admin/**")
                .authorizeRequests()
                .antMatchers("/admin/login").permitAll()
                .antMatchers("/admin/**").access("hasRole('BASE_USER')")
                .and()

                ...