I have spring security application in which want to enable annotations security (pre and post authorization). I also have small sample application in which i have implemented it already. Everything works. But moving configs to main applications failed. There is no errors in console. But annotations do not work. It seems, they are not readed at all. All configuration and component versions are completely the same.
There are
<security:global-method-security secured-annotations="enabled" />
records in security-context and servlet-context. But neither @Controller methods no @Service methods are secured with annotation in main application.
How can i debug it?
Solved!
After switch from < global-method-security secured-annotations="enabled" /> to pre/post annotations works fine.
Like any Spring or Java application, we can use a logger library and define a logging level for the Spring Security modules. This way, we can check out logs about the Authentication or the Filter Chain. Moreover, we can even use the trace level for deeper debugging.
You can enable debug logging by specifying --debug when starting the application from the command-line. Spring Boot provides also a nice starting point for logback to configure some defaults, coloring etc. the base. xml file which you can simply include in your logback.
You can add to your application.yaml
:
logging.level.org.springframework.security: DEBUG
Or add to application.properties
:
logging.level.org.springframework.security=DEBUG
Or add to your WebSecurityConfig
annotation EnableWebSecurity
with debug = true
:
@Configuration
@EnableWebSecurity(debug = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// ...
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With