Spring Boot 2.0 disable default security
I want to use Spring Security for JWT authentication. But it comes with default authentication. I am trying to disable it, but the old approach of doing this - disabling it through application.properties - is deprecated in 2.0.
This is what I tried:
@Configuration
public class StackWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().disable();
// http.authorizeRequests().anyRequest().permitAll(); // Also doesn't work.
}
}
How can I simply disable basic security?
UPDATE
It might be nice to know that I am not using web mvc but web flux.
Screenshot:
According to the new updates in Spring 2.0, if Spring Security is on the classpath, Spring Boot will add @EnableWebSecurity.So adding entries to the application.properties ain't gonna work (i.e it is no longer customizable that way). For more information visit the official website Security changes in Spring Boot 2.0
Albeit not sure about your requirement exactly, I could think of one workaround like the following:-
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception{
http.authorizeRequests().antMatchers("/").permitAll();
}
}
Hope this helps.
- How to override default Tomcat 404 not found html page in Spring Boot 3.2?
- How to log SQL parameters binding in JPA queries with Spring Boot 3?
- How to log SQL statements with query param values in Spring Boot 3/Hibernate 6
- Spring Boot - Logback Configuration - Annoying Boilerplate at beginning of log
- Java Spring Boot: How to map my app root (“/”) to index.html?
- Unable to Insert image from classpath into PDF using PDFBox
- Spring boot ddl auto generator
- SpringBoot 3, hibernate 6 tables not created
- UTF-8 encoding of application.properties attributes in Spring-Boot
- Implementing Custom Expression Handling with Spring Security 6
- my Spring CustomSecurityExpressionRoot not working
- MySQL Testcontainer Timezone Issue When Using Spring Data JDBC
- How to read data from java properties file using Spring Boot
- Does adding @Transactional annotation to method is a must when making database calls?
- @EnableGlobalMethodSecurity is deprecated in the new spring boot 3.0
- Scheduler not running in Spring Boot
- SpringBoot EventListener don't receive events
- http call with Multipart form data is failing after spring upgrade
- Karate framework fails to find tests in multi module Spring Framework
- Connecting to queue or creating on non-existence in spring-rabbitmq
- Spring Security blocks POST requests despite SecurityConfig
- Weird autoincrement issue on Spring Boot 3.3.0 with MySQL 8
- Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback with no error in console
- Disable exemplars support in Spring Boot 3.2 to avoid Prometheus problem with scrapping metrics
- What happened to SimpleRemoteStatelessSessionProxyFactoryBean?
- Spring Boot Restful Service and CORS problem
- What is the best way to test that a spring application context fails to start?
- Using org.commonsources.correlation.filter.CorrelationHeaderFilter throws Caused by: java.io.IOException: Failed to load class [javax.servlet.Filter]
- Cannot convert grib2 to geotiff in SpringBoot app
- Spring Boot JPA H2 Console not running, application.properties file ignored