Question

我使用了spring boot 2.1.6.RELEASE，并在pom.xml中添加了spring安全性。我的pom.xml是：

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.1.6.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.rest.restfulwebservices</groupId>
    <artifactId>restfulwebservices</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>restfulwebservices</name>
    <description>Demo project for Spring Boot</description>

    <properties>
        <java.version>1.8</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>

        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <!-- for getting data in xml format-->
        <!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-xml -->
        <dependency>
            <groupId>com.fasterxml.jackson.dataformat</groupId>
            <artifactId>jackson-dataformat-xml</artifactId>
        </dependency>



    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

在application.properties文件中，我添加了一些代码来禁用spring secutiry：

security.ignored=/**
spring.security.enabled=false
management.security.enabled=false
security.basic.enabled=false

我的加载类是：

package com.rest.restfulwebservices.restfulwebservices;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;

import java.util.Locale;

@SpringBootApplication(scanBasePackages = {"com.rest"})
public class RestfulwebservicesApplication {

    public static void main(String[] args) {
        SpringApplication.run(RestfulwebservicesApplication.class, args);
    }


}

尽管我添加了禁用弹簧安全性的配置，但仍向我显示默认生成的密码为：

Using generated security password: c23282bc-9b85-4fc4-a947-81a5f668a751

为什么禁用Spring Security不起作用？

Answer 1

security.ignored=/**已从Spring Boot 2中弃用。使用antMatchers("/**").permitAll();允许所有请求，或者如果您不想使用Spring Security，只需删除依赖项

@Configuration
@EnableWebSecurity
public class SecurityConfiguration  extends WebSecurityConfigurerAdapter{
    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.authorizeRequests().antMatchers("/**").permitAll();
    }
}

禁用弹簧安全性不起作用

1 个答案: