DIsabling JBoss EAP 6.4 basic authentication

Question

I have Spring Boot application which use Spring Security OAuth2 as the protection. The application worked well when tested using default server. However, when I try to deploy it on JBoss EAP 6.4 , the application expects the CSRF token. How do I disable JBoss' basic authentication so that my application does not require CSRF token?

EDIT:

As I have described at the comment for sadasidha's answer, this problem didn't show up on Wildfly 8 (JBoss AS)

mirmdasif · Answer 1 · 2015-05-11T08:45:02.840

0

Disable csrf protection. It's enabled by default

@Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Disable 
        http.csrf().disable();
    // ...... }

edited May 11 '15 at 08:45

answered May 11 '15 at 07:23

mirmdasif

6,014
2
22
28

Nope, still asking for the CSRF token. Btw, when I use the default server, I don't have to disable the CSRF, it is automatically disabled. I can;t use CSRF because I'm developing API which is accessed with CURL – IllSc May 11 '15 at 07:50
Surprisingly my application run well on Wildfly 8 (JBoss AS). – IllSc May 11 '15 at 08:29
can you give me your log – mirmdasif May 11 '15 at 08:51

score 0 · Answer 2 · edited May 23 '17 at 10:27

0

I have found the solution. Actually it is the result of mapping problem. I'm following the solution from Spring Java Config vs Jboss 7

edited May 23 '17 at 10:27

Community

1
1

answered May 12 '15 at 05:23

IllSc

1,419
3
17
24

DIsabling JBoss EAP 6.4 basic authentication

2 Answers2