Spring Boot 2.x和Spring Security 5.x前禁用认证
在application.yml或application.properties中加入这么一段(yml与properties差异请自行搜索,这里示意)1
2security.basic.enabled=false
management.security.enabled=false
Spring Boot 2.x和Spring Security 5.x后禁用认证
由于改版之后,如下的一些配置均废弃1
2
3
4
5
6
7
8
9
10
11
12
13
14
15security.basic.authorize-mode
security.basic.enabled
security.basic.path
security.basic.realm
security.enable-csrf
security.headers.cache
security.headers.content-security-policy
security.headers.content-security-policy-mode
security.headers.content-type
security.headers.frame
security.headers.hsts
security.headers.xss
security.ignored
security.require-ssl
security.sessions
导致即使按照上面的配置配好后也无法生效
解决方案
参照地址: stackoverflow
在启动类前的@SpringBootApplication注解中加入exclude属性SecurityAutoConfiguration和ManagementWebSecurityAutoConfiguration,以排除安全认证1
2
3
4
5
6
7(exclude = {SecurityAutoConfiguration.class,
ManagementWebSecurityAutoConfiguration.class})
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class,args);
}
}
