Is there a way to disable spring security in yml config

Question

I have a spring security config that implements HTTP basic authentication like this:

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    private final AuthenticationEntryPoint authenticationEntryPoint;
    private final MyAuthenticationProvider myAuthenticationProvider;

    @Override
    public void configure(final AuthenticationManagerBuilder auth) {
        auth.authenticationProvider(myAuthenticationProvider);
    }

    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .anyRequest().authenticated()
            .and()
            .httpBasic()
            .authenticationEntryPoint(authenticationEntryPoint);
    }

    @Override
    public void configure(final WebSecurity web) {
        web.ignoring().antMatchers("/swagger-ui/**",
                                   ....
                                   ....);
    }
}

It works fine.

However, for some of the developers, it is annoying to have to authenticate to endpoints during development.

Is there an out-of-box configuration Spring Security offers so that I can disable endpoint authentication in the yml configuration file?

I understand I can implement it myself, but I would like to know if there is an out-of-box option.

@Anothercoder Yes. None of these worked for me unfortunately. — ZZZ, Oct 19 '21 at 10:37
Add a profile and then set the config to exclude that profile — Toerktumlare, Oct 19 '21 at 10:50
Does this answer your question? [Spring Boot 2.0.x disable security for certain profile](https://stackoverflow.com/questions/49258766/spring-boot-2-0-x-disable-security-for-certain-profile) — dur, Oct 20 '21 at 17:56

Is there a way to disable spring security in yml config

0 Answers0