import org.springframework.boot.*;
import org.springframework.boot.autoconfigure.*;
import org.springframework.web.bind.annotation.*;
@RestController
@SpringBootApplication
public class Example {
@RequestMapping("/")
String home() {
return "Hello World!";
}
public static void main(String[] args) throws Exception {
SpringApplication.run(Example.class, args);
}
}
我只使用这种依赖:https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-web/1.4.4.RELEASE
我不需要任何过滤器,任何安全性,我希望在Spring收到请求并检查路由后,它将调用 home 方法。
如何配置Spring Boot以禁用所有过滤器,所有安全性,所有内容?
答案 0 :(得分:0)
您可以使用security.ignored属性,也可以使用此配置接受所有请求(spring boot 1.4.2):
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class UnsafeWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final HttpSecurity http) throws Exception {
// Accept all requests and disable CSRF
http.csrf().disable()
.authorizeRequests()
.anyRequest().permitAll();
// To be able to see H2 console.
http.headers().frameOptions().disable();
}
}