Spring WebFlux with traditional Web Security

问题

I tried to test Spring WebFlux with traditional Web Security(@EnableWebSecurity). I used the Tomcat intead of Netty. I got the follow error message.

*************************** APPLICATION FAILED TO START

---

Description:

The bean 'springSecurityFilterChain', defined in class path resource [org/springframework/boot/actuate/autoconfigure/security/reactive/ReactiveManagementWebSecurityAutoConfiguration.class], could not be registered. A bean with that name has already been defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class] and overriding is disabled.

Action:

Consider renaming one of the beans or enabling overriding by setting spring.main.allow-bean-definition-overriding=true

And I add spring.main.allow-bean-definition-overriding=true into application.properties. It works. But it generate new password. I am sure It didn't read my Custom SecurityConfig Adapter Class.

I would like to know that Why do I need this properties value?

And why didn't load my Adapter class after add the properties?

here is my SecurityConfig Adapter Class.

@Configuration
//@EnableWebFluxSecurity
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
    protected void configure(AuthenticationManagerBuilder auth)
        throws Exception {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
        auth
        .inMemoryAuthentication()
          .withUser("user")
            .password(encoder.encode("user"))
            .authorities("ROLE_USER")
          .and()
          .withUser("woody")
            .password(encoder.encode("bullseye"))
            .authorities("ROLE_ADMIN");
    }

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
          .antMatchers("/hello")
          .authenticated()
          .antMatchers("/**")
          .permitAll()
          .and()
          .httpBasic();
    }

}

pom.xml

       <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-webflux</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-reactor-netty</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>io.projectreactor</groupId>
            <artifactId>reactor-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <!--<scope>provided</scope>-->
        </dependency>

来源：https://stackoverflow.com/questions/53847627/spring-webflux-with-traditional-web-security