Menu
I am working on converting a Spring 3 project to Spring 4 + Spring Boot. I don't know whether it is a right thing to do or not yet. I convert the Spring Security XML configuration to a Java based configuration as the following:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/", "/home").permitAll()
.anyRequest().authenticated();
http.formLogin()
.defaultSuccessUrl("/afterLogin")
.loginPage("/profiles/lognin/form")
.failureUrl("/accessDenied")
.and()
.authorizeRequests()
.regexMatchers("....")
.hasRole("ROLE_USER")
.antMatchers("....")
.hasRole("ROLE_USER")
//....
;
}
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder)
throws Exception {
authManagerBuilder.authenticationProvider(this.getDaoAuthenticationProvider());
}
// ....
}
I get the Spring Security default login popup panel when I hit the home URL. It seem to me that the above configuration doesn't take effect, but the default Spring Security configuration in Spring Boot doesn't. If so, how to override the default one?
518
I found the answer. I need to create a file called application.properties with the following line:
security.basic.enabled=false
and place this file under src/main/resource. That is it.
148
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With