在spring-boot-1.x中,我具有以下配置以在开发人员模式下禁用基本安全性:
application.properties: security.basic.enabled=false application-test.properties: security.basic.enabled=true application-prod.properties: security.basic.enabled=true
从spring-boot-2.x开始,不再支持该属性。如何实现相同的配置(=禁用默认配置文件中的任何与安全相关的功能和配置)?
这是配置类。这里允许所有网址:
@Configuration @ConditionalOnProperty(value = "app.security.basic.enabled", havingValue = "false") public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() .authorizeRequests() .antMatchers("/**").permitAll() .anyRequest().authenticated(); } }
