发表新帖
发表新帖

How to get past the Authentication Required Spring-boot Security

前端 未结
关注
5 1125
无人共我
无人共我 2021-02-12 17:18

I have put in the password which is \"root\" and it keeps popping back up. How can I suppress this or get rid of it. I am using spring boot and spring security.

相关标签:
5条回答
  • 甜味超标
    2021-02-12 17:55

    You can bypass this spring boot security mechanism. See an example below for this:

    @SpringBootApplication
@EnableAutoConfiguration(exclude = {SecurityAutoConfiguration.class})
public class SampleSpringBootApplication {

    public static void main(String[] args) {
        SpringApplication.run(SampleSpringBootApplication.class, args);
    }
}
    0 讨论(0)
  • 無奈伤痛
    2021-02-12 17:57

    This class has to be in a parent package of all other packages: WebSecurityConfig. Also in application.properties set:

    security.basic.enabled=false
    0 讨论(0)
  • 一整个雨季
    2021-02-12 18:11

    ACV's answer is probably the easiest way to turn off the authentication completely by adding security.basic.enabled=false to the application.properties file which is usually located under src/main/resources folder.

    or you just type in the password :)

    1. use default password

    When you run your spring application, there is usually a whole bunch of logging printed, which people usually don't read. The password is actually generated and printed to the screen at the startup. and the username is simply user. If you are testing using a browser and it probably only need you enter it once and caches it, so once for all, you should be securely logged in without authenticating every time. (however, every time you restart your app, it will generate a new password)

    2. customize your password

    Add the following properties to your application.properties if you want to customize your username and password:

    security.user.name=myuser
security.user.password=mypassword

    And here is how it looks like with your own username and password

    Reference:

    1. Spring Boot Features - Security
    2. Monitoring and Management over HTTP
    0 讨论(0)
  • 春和景丽
    2021-02-12 18:12

    When Spring Security is in the classpath, Spring Boot by default secures all your pages with Basic authentication. That's why you are being asked for userid and password.

    You will need to configure the security. To do so, commonly people would extend a WebSecurityConfigurerAdapter, like this:

    @Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/", "/home").permitAll()
                .anyRequest().authenticated()
                .and()
            ...

    Refer this Spring Security guide for more details.

    0 讨论(0)
  • 逝去的感伤
    2021-02-12 18:13

    Here was the issues

    (1) .loginPage("/index") was saying my login page was at index, however I just wanted to use spring's default login page.

    (2) had to to move the security package inside the demo package (the main package). Thanks to @Sanjay for suggesting that. I tried to use @ComponantScan but it could not get it to work.

    0 讨论(0)
 看不清?
提交回复
热议问题