Spring Security禁用方法安全性
[英]Spring Security disable method security
问题描述
While there are plenty of resources that point out how to disable Spring Security, there is not an explaination on how to disable method security. 
尽管有很多资源指出如何禁用Spring Security,但是没有有关如何禁用方法安全性的说明。
One example: 一个例子:
@SpringBootApplication(
exclude = SecurityAutoConfiguration.class
)
This however does not prevent the MethodSecurityInterceptor from kicking in, followed by a AuthenticationCredentialsNotFoundException . 但是,这不会阻止MethodSecurityInterceptor插入,随后是AuthenticationCredentialsNotFoundException 。
Is there a convenient way to disable method security without removing all annotations? 是否有一种方便的方法可以在不删除所有注释的情况下禁用方法安全性?
Edit: 编辑:
Im talking of 我在说
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
followed by 其次是
@PreAuthorize("hasAuthority('SOME_AUTHORITY')")
Edit 2: 编辑2:
As mentioned earlier, you simply cannot disable global method security by setting the parameters false: 如前所述,您无法通过将参数设置为false来禁用全局方法安全性:
Caused by: java.lang.IllegalStateException: In the composition of all global method
configuration, no annotation support was actually activated
1 个解决方案
解决方案1
0 2019-01-01 19:38:20
It turned out that somewhere in the application a custom GlobalMethodSecurityConfiguration has been created. 事实证明,在应用程序中的某个位置已创建了自定义GlobalMethodSecurityConfiguration 。 That, of course, is responsible for the described problem above. 当然,这是上述问题的原因。 After removing it (or moving it to a serarate profile), the problem disapeared. 删除(或将其移至锯齿状的轮廓)后,问题消失了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.