From c242bea08a5cb7bf632c1f4e756a2639a913e9b2 Mon Sep 17 00:00:00 2001
From: pabloFuente <pablofuenteperez@gmail.com>
Date: Tue, 30 Jul 2019 12:07:56 +0200
Subject: [PATCH] openvidu-server: recordings path endpoint security fix

---
 .../main/java/io/openvidu/server/config/SecurityConfig.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openvidu-server/src/main/java/io/openvidu/server/config/SecurityConfig.java b/openvidu-server/src/main/java/io/openvidu/server/config/SecurityConfig.java
index 1ad06ecb..14978a75 100644
--- a/openvidu-server/src/main/java/io/openvidu/server/config/SecurityConfig.java
+++ b/openvidu-server/src/main/java/io/openvidu/server/config/SecurityConfig.java
@@ -63,9 +63,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 		// Security for recorded videos
 		if (openviduConf.getOpenViduRecordingPublicAccess()) {
-			conf = conf.antMatchers("/recordings/*").permitAll();
+			conf = conf.antMatchers("/recordings/**").permitAll();
 		} else {
-			conf = conf.antMatchers("/recordings/*").authenticated();
+			conf = conf.antMatchers("/recordings/**").authenticated();
 		}
 
 		conf.and().httpBasic();