Spring webSecurity.ignoring() doesn't ignore custom filter

Question

I have a set a custom authentication filter in my Spring 4 MVC + Security + Boot project. The filter does it\'s job well and now I want to disable the security for some URI

Answer 1

After few tests I realized that in fact my configurations are ok and it's just a comprehension problem. The spring.security.ignored=/api/** doesn't bypass or turn off the filter. In reality every request still pass through my custom filter, but the difference is that Spring Security doesn't mind of the authentication status nor the granted authority coming from the custom filter.

I was wondering that the "ignored" property simply bypass the spring security filters. It sounds like I was totally wrong...