I'm using spring-boot-starter-security
dependency, to make use of several classes that come with spring-security
. But as I want to integrate it in an existing vaadin
application, I only want to make use of the classes, and not of the default login/auth screen of spring.
How can I disable this screen?
I cannot make any configurations by extending WebSecurityConfigurerAdapter
as my main entry class already extends SpringBootServletInitializer
. Also, vaadin applications basically run on the same URL path all the time and use internal navigation.
@EnableAutoConfiguration
public class MyApp extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(MyApp.class);
}
public static void main(String[] args) {
SpringApplication.run(MyApp.class, args);
}
}
So, what could I do to disable the login screen, but though make use of spring security features?
enabled=false and management. security. enabled=false should be set to disable the security.
In Spring Boot 2, if we want our own security configuration, we can simply add a custom WebSecurityConfigurerAdapter. This will disable the default auto-configuration and enable our custom security configuration.
In application. properties , set security. ignored=none .
you can use java based configuration like this :
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity security) throws Exception
{
security.httpBasic().disable();
}
}
and restart your application if it's refresh automatically.
The default security in Spring Boot is Basic. You could disable it by setting security.basic.enabled=false
. More about this here and here.
Disable the default spring security by excluding it from the autoconfiguration. Add SecurityAutoConfiguration.class
to the exclude
property of the @SpringBootApplication
annotation on your main class. Like follows:
@SpringBootApplication(exclude = { SecurityAutoConfiguration.class })
public class MyApplication {
public static void main(String[] args) {
SpringApplication.run(MyApplication.class, args);
}
}
There seems to be a simpler solution.
Simply put this annotationabove your main class or the same place as your SpingBootApplication
annotation
@EnableAutoConfiguration(exclude = {org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class})
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With