Spring Boot 2.x和Spring Security 5.x前禁用认证
在application.yml或application.properties中加入这么一段(yml与properties差异请自行搜索,这里示意)
security.basic.enabled=false
management.security.enabled=false
这样可以禁用掉弹出的用户名及密码输入
Spring Boot 2.x和Spring Security 5.x后禁用认证
由于改版之后,如下的一些配置均废弃
security.basic.authorize-mode
security.basic.enabled
security.basic.path
security.basic.realm
security.enable-csrf
security.headers.cache
security.headers.content-security-policy
security.headers.content-security-policy-mode
security.headers.content-type
security.headers.frame
security.headers.hsts
security.headers.xss
security.ignored
security.require-ssl
security.sessions
导致即使按照上面的配置配好后也无法生效
解决方案
参照地址: stackoverflow
在启动类前的@SpringBootApplication注解中加入exclude属性
SecurityAutoConfiguration
ManagementWebSecurityAutoConfiguration
以排除安全认证
@SpringBootApplication(exclude = {SecurityAutoConfiguration.class,ManagementWebSecurityAutoConfiguration.class})
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class,args);
}
}