|
|
|
@ -2290,9 +2290,9 @@ properties are externalized via
|
|
|
|
|
The default security configuration is implemented in `SecurityAutoConfiguration` and in
|
|
|
|
|
the classes imported from there (`SpringBootWebSecurityConfiguration` for web security
|
|
|
|
|
and `AuthenticationManagerConfiguration` for authentication configuration which is also
|
|
|
|
|
relevant in non-web applications). To switch off the default web security configuration
|
|
|
|
|
completely you can add a bean with `@EnableWebSecurity` (this does not disable the
|
|
|
|
|
authentication manager configuration). To customize
|
|
|
|
|
relevant in non-web applications). To switch off the default web application security
|
|
|
|
|
configuration completely you can add a bean with `@EnableWebSecurity` (this does not
|
|
|
|
|
disable the authentication manager configuration or Actuator's security). To customize
|
|
|
|
|
it you normally use external properties and beans of type `WebSecurityConfigurerAdapter`
|
|
|
|
|
(e.g. to add form-based login). To also switch off the authentication manager configuration
|
|
|
|
|
you can add a bean of type `AuthenticationManager`, or else configure the
|
|
|
|
|