为传递依赖项禁用Spring Boot AutoConfiguration [英] Disable Spring Boot AutoConfiguration for transitive dependencies
问题描述
我创建了一个用于模拟soap服务的Spring Boot项目 - 它依赖于 org.springframework.ws:spring-ws-security 来处理ws-sec头文件,它引入了对 org.springframework.security:spring-security-core
的传递依赖关系。我的运行时类路径导致Spring Boot认为我想要启用web安全性,即使我使用 security.basic.enabled = false禁用它,最终得到一个运行时ClassNotFound异常除非我还补充说:
compile(org.springframework.security:spring-security-web:$springSecurityVersion)
编译(org.springframework.security:spring-security-config:$springSecurityVersion)
到我的运行时类路径。有没有什么方法可以指示启动,尽管它在运行时位于类路径中,我真的不希望与Spring Security有任何关系,并导致它不需要这些额外的依赖项?
SecurityAutoConfiguration 。 I've created a Spring Boot project for mocking soap services - it has a dependency on org.springframework.ws:spring-ws-security for handling ws-sec headers, which introduces a transitive dependency on org.springframework.security:spring-security-core
Having this on my runtime classpath causes Spring Boot to think I want web security enabled, and even if I disable it with security.basic.enabled = false I end up getting a runtime ClassNotFound exception unless I also add:
compile("org.springframework.security:spring-security-web:$springSecurityVersion")
compile("org.springframework.security:spring-security-config:$springSecurityVersion")
to my runtime classpath. Is there any way to indicate to Boot that, although it's on the classpath at runtime, that I truly want nothing to do with Spring Security, and to cause it to not require these additional dependencies?
If you truly want nothing to do with it, maybe it's actually an optional dependency (and could be excluded)? Failing that you can add excludes to the @EnableAutoConfiguration (e.g. see the javadoc for detail). You would want to exclude SecurityAutoConfiguration.
这篇关于为传递依赖项禁用Spring Boot AutoConfiguration的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
