Spring security architecture guide describes old auto configuration from Spring Boot 1.x #19

aashaysaralkar · 2021-10-14T05:35:30Z

Spring security architecture guide needs to be changed to reflect the simplification done to the security auto configuration in Spring Boot 2.x. Documentation says:

A vanilla Spring Boot application with no custom security configuration has a several (call it n) filter chains, where usually n=6. The first (n-1) chains are there just to ignore static resource patterns, like /css/** and /images/**, and the error view: /error.

But SpringBootWebSecurityConfiguration no longer ignores them explicitly after the change in 2.6.0-M3 with this commit and every thing is secured by default in a vanilla setup with a single SecurityFilterChain via import of WebSecurityConfiguration

The text was updated successfully, but these errors were encountered:

jzheaux mentioned this issue Oct 14, 2021

Documentation : Spring security architecture guide describes old auto configuration from Spring Boot 1.x spring-projects/spring-security#10359

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Spring security architecture guide describes old auto configuration from Spring Boot 1.x #19

Spring security architecture guide describes old auto configuration from Spring Boot 1.x #19

aashaysaralkar commented Oct 14, 2021

Spring security architecture guide describes old auto configuration from Spring Boot 1.x #19

Spring security architecture guide describes old auto configuration from Spring Boot 1.x #19

Comments

aashaysaralkar commented Oct 14, 2021