发表新帖
发表新帖

How to disable spring-security login screen?

前端 未结
关注
7 2739
慢半拍i
慢半拍i 2020-12-14 00:23

I\'m using spring-boot-starter-security dependency, to make use of several classes that come with spring-security. But as I want to integrate it in

相关标签:
7条回答
  • 日久生厌
    2020-12-14 00:57

    To completely disable the login route use Spring Security configuration object

    The following snippet uses org.springframework.boot:2.1.6.RELEASE

    @Configuration
@EnableWebSecurity
class SecurityConfig : WebSecurityConfigurerAdapter() {
  override fun configure(security: HttpSecurity) {
    super.configure(security)

    security.httpBasic().disable()

    security.cors().and().csrf().disable().authorizeRequests()
      .anyRequest().authenticated()
      .and().formLogin().disable() // <-- this will disable the login route
      .addFilter(JWTAuthorizationFilter(authenticationManager()))
      .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
  }

  @Bean
  fun corsConfigurationSource(): CorsConfigurationSource {
    val source = UrlBasedCorsConfigurationSource()
    val config = CorsConfiguration().applyPermitDefaultValues()
    config.addExposedHeader("Authorization")
    source.registerCorsConfiguration("/**", config)
    return source
  }
}
    0 讨论(0)
  • 清歌不尽
    2020-12-14 00:57

    On the main spring-boot application class (the class which has @SpringBootApplication annotation)

    @SpringBootApplication(exclude={SecurityAutoConfiguration.class})
    0 讨论(0)
  • 终归单人心
    2020-12-14 00:59

    The default security in Spring Boot is Basic. You could disable it by setting security.basic.enabled=false. More about this here and here.

    0 讨论(0)
  • 无人共我
    2020-12-14 01:06

    If someone still needs the solution, put a method in the REST controller like this:

    @RestController
public class myRestController{

    @GetMapping("/login")
    public String redirectTo(){
        return "yourRedirectLink";
    }

}

    This solution is very good to work with spring and react packed in a jar

    0 讨论(0)
  • 耶瑟儿~
    2020-12-14 01:16

    you can use java based configuration like this : 

    @Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity security) throws Exception
    {
     security.httpBasic().disable();
    }
}

    and restart your application if it's refresh automatically.

    0 讨论(0)
  • 一向
    2020-12-14 01:19

    Disable the default spring security by excluding it from the autoconfiguration. Add SecurityAutoConfiguration.class to the exclude property of the @SpringBootApplication annotation on your main class. Like follows:

    @SpringBootApplication(exclude = { SecurityAutoConfiguration.class })
public class MyApplication {
    public static void main(String[] args) {
        SpringApplication.run(MyApplication.class, args);
    }
}
    0 讨论(0)
 看不清?
提交回复
热议问题