I'm new to Spring and checked Spring Security. In the Spring website there are links to HelloWorld Spring projects. The project could be imported by Maven and run on Eclipse dev environment. What's interesting about this project is there is no web.xml or context.xml which defines spring configurations.
The project contained two classes, and an index.jsp file.
@EnableWebSecurity
public class SecurityConfig {
// @formatter:off
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {`enter code here`
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
// @formatter:on
}
That is the config class, the other is the initializing class.
public class SecurityWebApplicationInitializer extends
AbstractSecurityWebApplicationInitializer {
public SecurityWebApplicationInitializer() {
super(SecurityConfig.class);
}
}
I commented @EnableWebSecurity and removed the annotations and assumed that Spring Security would be disabled, but no. When I executed it was looking for filter chain that isn't implemented anywhere.
How could such a thing happen. I even tried cleaning the server work directory and such but still its the same.
Any idea on how this simple project ticks?
If you are using Spring Boot, it automatically configures web security if spring-boot-starter-security is on the classpath. Please refer:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.