Spring Boot 2 security basic authentication

Question

Why following basic security configurations do not apply inMemoryAuthentication() clause?

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extend         


        

Answer 1

Do not call super method from void configure(AuthenticationManagerBuilder auth). It sets disableLocalConfigureAuthenticationBldr flag to true that leads to your AuthenticationManagerBuilder being ignored. Finally your void configure(AuthenticationManagerBuilder auth) method should look like this:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication()
            .withUser("username").password("password").roles("USER");
}