disabling spring security in spring boot app

We Are Going To Discuss About disabling spring security in spring boot app . So lets Start this Java Article.

disabling spring security in spring boot app

Advertisements
  1. disabling spring security in spring boot app

    security.ignored is deprecated since Spring Boot 2.
    For me simply extend the Annotation of your Application class did the Trick:
    @SpringBootApplication(exclude = SecurityAutoConfiguration.class)

  2. disabling spring security in spring boot app

    security.ignored is deprecated since Spring Boot 2.
    For me simply extend the Annotation of your Application class did the Trick:
    @SpringBootApplication(exclude = SecurityAutoConfiguration.class)

Solution 1

Advertisements

security.ignored is deprecated since Spring Boot 2.

For me simply extend the Annotation of your Application class did the Trick:

@SpringBootApplication(exclude = SecurityAutoConfiguration.class)

Original Author Joker Of This Content

Solution 2

Advertisements

Change WebSecurityConfig.java: comment out everything in the configure method and add

http.authorizeRequests().antMatchers("/**").permitAll();

This will allow any request to hit every URL without any authentication.

Original Author Shubham Patel Of This Content

Solution 3

Advertisements

Try this. Make a new class

@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.authorizeRequests().antMatchers("/").permitAll();
}

}

Basically this tells Spring to allow access to every url. @Configuration tells spring it’s a configuration class

Original Author bmarkham Of This Content

Solution 4

Advertisements

With this solution you can fully enable/disable the security by activating a specific profile by command line. I defined the profile in a file application-nosecurity.yaml

spring:
  autoconfigure:
    exclude: org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration

Then I modified my custom WebSecurityConfigurerAdapter by adding the @Profile("!nosecurity") as follows:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Profile("!nosecurity")
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {...}

To fully disable the security it’s enough to start the application up by specifying the nosecurity profile, i.e.:

java -jar  target/myApp.jar --spring.profiles.active=nosecurity

Original Author Enrico Giurin Of This Content

Conclusion

So This is all About This Tutorial. Hope This Tutorial Helped You. Thank You.

Also Read,

Siddharth

I am an Information Technology Engineer. I have Completed my MCA And I have 4 Year Plus Experience, I am a web developer with knowledge of multiple back-end platforms Like PHP, Node.js, Python and frontend JavaScript frameworks Like Angular, React, and Vue.

Leave a Comment