Menu
In spring-boot-1.x I had the following configuration to disable the basic security in dev mode:
application.properties:
security.basic.enabled=false
application-test.properties:
security.basic.enabled=true
application-prod.properties:
security.basic.enabled=true
As of spring-boot-2.x the property is no longer supported. How can I achieve the same configuration (=disable any security related features and configuration in default profile)?
360
basic. enabled=false and management. security. enabled=false should be set to disable the security.
One of the ways you can disable Spring Security filters in your tests, is to use the @AutoConfigureMockMvc annotation. @AutoConfigureMockMvc annotation can be applied to a test class to enable and configure auto-configuration of MockMvc.
You can enable or disable an actuator endpoint by setting the property management. endpoint. <id>. enabled to true or false (where id is the identifier for the endpoint).
The @EnableWebSecurity is a marker annotation. It allows Spring to find (it's a @Configuration and, therefore, @Component ) and automatically apply the class to the global WebSecurity . If I don't annotate any of my class with @EnableWebSecurity still the application prompting for username and password.
Here is configuration class. here permit for all url:
@Configuration
@ConditionalOnProperty(value = "app.security.basic.enabled", havingValue = "false")
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/**").permitAll()
.anyRequest().authenticated();
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
