I tried to disable Spring security in Spring Could using this configuration:
@SpringBootApplication(scanBasePackages = { ...... },
exclude = SecurityAutoConfiguration.class)
public class Application {
public static void main(final String[] args)
{
SpringApplication.run(Application.class, args);
}
}
When I make a request I get: An expected CSRF token cannot be found
and into prompt I get:
01:14:35.799 [boundedElastic-1] DEBUG DefaultWebSessionManager[lambda$createWebSession$3:94] - Created new WebSession. 01:14:35.862 [boundedElastic-1] DEBUG HttpWebHandlerAdapter[traceDebug:91] - [375ab2a1] Completed 403 FORBIDDEN
Do you know into the latest Spring Cloud how to disable Spring Security?
You can disable it using properties file:
security.enable.csrf=false
Or Alternatively:
You can disable
csrf
by extendingWebSecurityConfigurerAdapter
class and overridingconfigure
method. Refer to this spring document.