Spring Boot 2.0 禁用默认安全性 [英] Spring Boot 2.0 disable default security
问题描述
我想使用 Spring Security 进行 JWT 身份验证.但它带有默认身份验证.我正在尝试禁用它,但是执行此操作的旧方法 - 通过 application.properties
禁用它 - 在 2.0 中已弃用.
I want to use Spring Security for JWT authentication. But it comes with default authentication. I am trying to disable it, but the old approach of doing this - disabling it through application.properties
- is deprecated in 2.0.
这是我试过的:
@Configuration
public class StackWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().disable();
// http.authorizeRequests().anyRequest().permitAll(); // Also doesn't work.
}
}
如何简单地禁用基本安全功能?
How can I simply disable basic security?
更新
很高兴知道我使用的不是 web mvc 而是 web Flux.
UPDATE
It might be nice to know that I am not using web mvc but web flux.
截图:
推荐答案
根据 Spring 2.0 的新更新,如果 Spring Security 在 classpath 中,Spring Boot 会添加 @EnableWebSecurity.所以在 application.properties 中添加条目' 行不通(即它不再以这种方式自定义).更多信息请访问官网Spring Boot 2.0 中的安全变化
According to the new updates in Spring 2.0, if Spring Security is on the classpath, Spring Boot will add @EnableWebSecurity.So adding entries to the application.properties ain't gonna work (i.e it is no longer customizable that way). For more information visit the official website Security changes in Spring Boot 2.0
尽管不确定您的具体要求,但我可以想到如下一种解决方法:-
Albeit not sure about your requirement exactly, I could think of one workaround like the following:-
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception{
http.authorizeRequests().antMatchers("/").permitAll();
}
}
希望这会有所帮助.
这篇关于Spring Boot 2.0 禁用默认安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!