Spring Boot 2.x和Spring Security 5.x后禁用认证

Spring Boot 2.x和Spring Security 5.x前禁用认证

在application.yml或application.properties中加入这么一段(yml与properties差异请自行搜索，这里示意)

security.basic.enabled=false
management.security.enabled=false
复制代码

这样可以禁用掉弹出的用户名及密码输入

Spring Boot 2.x和Spring Security 5.x后禁用认证

由于改版之后，如下的一些配置均废弃

security.basic.authorize-mode
security.basic.enabled
security.basic.path
security.basic.realm
security.enable-csrf
security.headers.cache
security.headers.content-security-policy
security.headers.content-security-policy-mode
security.headers.content-type
security.headers.frame
security.headers.hsts
security.headers.xss
security.ignored
security.require-ssl
security.sessions
复制代码

导致即使按照上面的配置配好后也无法生效

解决方案

参照地址: stackoverflow

在启动类前的@SpringBootApplication注解中加入exclude属性SecurityAutoConfiguration和ManagementWebSecurityAutoConfiguration，以排除安全认证

@SpringBootApplication(exclude = {SecurityAutoConfiguration.class, 
        ManagementWebSecurityAutoConfiguration.class})
public class DemoApplication {
    public static void main(String[] args) {
        SpringApplication.run(DemoApplication.class,args);
    }
}
复制代码

欢迎访问我的个人主页

转载于:https://juejin.im/post/5c8b13e8e51d450c412f2ac4