I tried to upgrade my sample to Spring Boot 2.1.0.RELEASE, the PostControllerTest which used #WebFluxTest failed due to Spring Security protection. But in the initial version(Spring Boot 2.0.0.M7) it worked.
This is the expected behavior as of Spring Boot 2.1.0. It's been implemented in spring-boot#13632 and a similar issue has been raised already about this. We're aligning with the behavior of Spring MVC auto-configuration here.
You can learn how to improve your test configuration in the Spring Security documentation.
Related
I have a Spring 5 MVC application without Spring Boot that I need to migrate it's current Spring Security LDAP implementatino to a new Spring Security OAuth2 Resource Server implementation. I tried for several days without any luck to convert this application to Spring Boot and I am hoping I can do this migration without Spring Boot, the problem is that all the resources I found so far (examples,guides,etc.) only work with Spring Boot.
Any help is greatly appreciate it.
I'm in the process of migrating away from the spring-security-saml module that has been deprecated to the new SAML support built into Spring Security 5+. I'd really like to not have to migrate this entire project from Spring Framework to String Boot at this time, so does anyone know if there is documentation on how to get Spring Security with SAML working on vanilla Spring Framework, everything I've seen has been only Spring Boot. Any help would be majestic!
I'm actually having issues with this in Spring Boot 2.0 and Spring Security. I understand that Spring Security now secures everything, which inclues static resources, and have implemented the suggested line of code:
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
I've added this to my WebSecurityConfig, but it seems like my static resources still cannot be found/mapped/loaded. I'm upgrading from Spring boot 1.5.13 to 2.0.2. Everything is in it's appropriate location.
Anyone else still having this problem? Thanks!
I would like to add Spring Boot actuator metrics to my existing Spring MVC 5 application (I cannot convert to Spring Boot).
There are a couple of answered questions on SO (Spring Boot Actuator without Spring Boot) but they are for using Spring Boot Actuator 1.x.
Spring Boot Actuator 2.x has been re-architected and so these instructions are no longer valid.
Has anyone integrated Spring Boot Actuator 2.x with a standard Spring MVC 5 app?
Unfortunately you cannot include Spring Boot Actuator without requiring Spring Boot. Spring Boot is a Maven dependency of the Spring Boot Actuator project (the name also suggests that spring boot is required).
You can check out the actual dependency of spring-boot in the pom of spring-boot-actuator.
I started configuring security for a Spring boot application but WebMvcSecurityConfiguration is marked deprecated.
Is there a better alternative to configure security?
I'm using spring boot 1.5.4.
From official documentation
As of Spring Security 4.0, #EnableWebMvcSecurity is deprecated. The replacement is #EnableWebSecurity which will determine adding the Spring MVC features based upon the classpath.
https://docs.spring.io/spring-security/site/docs/current/reference/html/mvc.html