root
/
spring-boot
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
root-patch-6
root-patch-5
root-patch-4
root-patch-3
root-patch-2
root-patch-1
3.1.x
3.0.x
2.7.x
2.6.x
2.5.x
2.4.x
2.3.x
2.2.x
2.1.x
2.0.x
1.5.x
1.4.x
1.3.x
1.2.x
1.0.x
1.1.x
v3.2.0-M3
v3.1.4
v3.0.11
v2.7.16
v3.2.0-M2
v3.1.3
v3.0.10
v2.7.15
v3.2.0-M1
v3.1.2
v3.0.9
v2.7.14
v3.1.1
v3.0.8
v2.7.13
v3.1.0
v2.6.15
v2.5.15
v3.0.7
v2.7.12
v3.1.0-RC2
v3.1.0-RC1
v3.0.6
v2.7.11
v3.1.0-M2
v3.0.5
v2.7.10
v3.0.4
v3.1.0-M1
v3.0.3
v2.7.9
v3.0.2
v2.7.8
v3.0.1
v2.7.7
v3.0.0
v2.7.6
v2.6.14
v3.0.0-RC2
v3.0.0-RC1
v2.7.5
v2.6.13
v3.0.0-M5
v2.7.4
v2.6.12
v2.7.3
v2.6.11
v3.0.0-M4
v2.7.2
v2.6.10
v2.7.1
v2.6.9
v3.0.0-M3
v2.7.0
v2.6.8
v2.5.14
v2.7.0-RC1
v2.6.7
v2.5.13
v2.6.6
v2.5.12
v3.0.0-M2
v2.7.0-M3
v2.6.5
v2.5.11
v2.7.0-M2
v2.6.4
v2.5.10
v3.0.0-M1
v2.7.0-M1
v2.6.3
v2.5.9
v2.6.2
v2.5.8
v2.6.1
v2.6.0
v2.5.7
v2.4.13
v2.6.0-RC1
v2.5.6
v2.4.12
v2.6.0-M3
v2.5.5
v2.4.11
v2.6.0-M2
v2.5.4
v2.4.10
v2.6.0-M1
v2.5.3
v2.4.9
v2.5.2
v2.4.8
v2.5.1
v2.4.7
v2.3.12.RELEASE
v2.5.0
v2.4.6
v2.3.11.RELEASE
v2.5.0-RC1
v2.4.5
v2.3.10.RELEASE
v2.5.0-M3
v2.4.4
v2.5.0-M2
v2.4.3
v2.3.9.RELEASE
v2.5.0-M1
v2.4.2
v2.3.8.RELEASE
v2.2.13.RELEASE
v2.4.1
v2.3.7.RELEASE
v2.2.12.RELEASE
v2.4.0
v2.3.6.RELEASE
v2.4.0-RC1
v2.3.5.RELEASE
v2.2.11.RELEASE
v2.1.18.RELEASE
v2.4.0-M4
v2.4.0-M3
v2.3.4.RELEASE
v2.2.10.RELEASE
v2.1.17.RELEASE
v2.4.0-M2
v2.3.3.RELEASE
v2.3.2.RELEASE
v2.2.9.RELEASE
v2.1.16.RELEASE
v2.4.0-M1
v2.3.1.RELEASE
v2.2.8.RELEASE
v2.1.15.RELEASE
v2.3.0.RELEASE
v2.2.7.RELEASE
v2.1.14.RELEASE
v2.3.0.RC1
v2.3.0.M4
v2.2.6.RELEASE
v2.3.0.M3
v2.2.5.RELEASE
v2.1.13.RELEASE
v2.3.0.M2
v2.3.0.M1
v2.2.4.RELEASE
v2.2.3.RELEASE
v2.1.12.RELEASE
v2.2.2.RELEASE
v2.1.11.RELEASE
v2.2.1.RELEASE
v2.1.10.RELEASE
v2.2.0.RELEASE
v2.2.0.RC1
v2.1.9.RELEASE
v2.2.0.M6
v2.1.8.RELEASE
v2.2.0.M5
v2.1.7.RELEASE
v1.5.22.RELEASE
v2.2.0.M4
v2.1.6.RELEASE
v2.2.0.M3
v2.1.5.RELEASE
v1.5.21.RELEASE
v2.2.0.M2
v2.1.4.RELEASE
v2.0.9.RELEASE
v1.5.20.RELEASE
v2.2.0.M1
v2.1.3.RELEASE
v2.1.2.RELEASE
v2.0.8.RELEASE
v1.5.19.RELEASE
v2.1.1.RELEASE
v2.0.7.RELEASE
v1.5.18.RELEASE
v2.1.0.RELEASE
v2.1.0.RC1
v2.0.6.RELEASE
v1.5.17.RELEASE
v2.1.0.M4
v2.1.0.M3
v2.0.5.RELEASE
v1.5.16.RELEASE
v2.1.0.M2
v2.1.0.M1
v2.0.4.RELEASE
v1.5.15.RELEASE
v2.0.3.RELEASE
v1.5.14.RELEASE
v2.0.2.RELEASE
v1.5.13.RELEASE
v1.5.12.RELEASE
v2.0.1.RELEASE
v1.5.11.RELEASE
v2.0.0.RELEASE
v2.0.0.RC2
v2.0.0.RC1
v1.5.10.RELEASE
v2.0.0.M7
v1.5.9.RELEASE
v2.0.0.M6
v1.5.8.RELEASE
v2.0.0.M5
v2.0.0.M4
v1.5.7.RELEASE
v1.5.6.RELEASE
v2.0.0.M3
v1.5.5.RELEASE
v2.0.0.M2
v1.5.4.RELEASE
v1.4.7.RELEASE
v2.0.0.M1
v1.5.3.RELEASE
v1.4.6.RELEASE
v1.5.2.RELEASE
v1.4.5.RELEASE
v1.5.1.RELEASE
v1.5.0.RELEASE
v1.4.4.RELEASE
v1.5.0.RC1
v1.4.3.RELEASE
v1.4.2.RELEASE
v1.4.1.RELEASE
v1.3.8.RELEASE
v1.4.0.RELEASE
v1.3.7.RELEASE
v1.4.0.RC1
v1.3.6.RELEASE
v1.4.0.M3
v1.3.5.RELEASE
v1.3.4.RELEASE
v1.4.0.M2
v1.4.0.M1
v1.3.3.RELEASE
v1.3.2.RELEASE
v1.3.1.RELEASE
v1.2.8.RELEASE
v1.3.0.RELEASE
v1.3.0.RC1
v1.2.7.RELEASE
v1.2.6.RELEASE
v1.3.0.M5
v1.3.0.M4
v1.3.0.M3
v1.3.0.M2
v1.2.5.RELEASE
v1.3.0.M1
v1.2.4.RELEASE
v1.2.3.RELEASE
v1.1.12.RELEASE
v1.2.2.RELEASE
v1.1.11.RELEASE
v1.2.1.RELEASE
v1.1.10.RELEASE
v1.2.0.RELEASE
v1.2.0.RC2
v1.2.0.RC1
v1.1.9.RELEASE
v1.2.0.M2
v1.1.8.RELEASE
v1.1.7.RELEASE
v1.2.0.M1
v1.1.6.RELEASE
v1.1.5.RELEASE
v1.1.4.RELEASE
v1.1.3.RELEASE
v1.1.2.RELEASE
v1.1.1.RELEASE
v1.1.0.RELEASE
v1.1.0.RC1
v1.1.0.M2
v1.1.0.M1
v1.0.2.RELEASE
v1.0.1.RELEASE
v1.0.0.RELEASE
v1.0.0.RC5
v1.0.0.RC4
v1.0.0.RC3
v1.0.0.RC2
v1.0.0.RC1
v0.5.0.M7
v0.5.0.M6
v0.5.0.M5
v0.5.0.M4
v0.5.0.M3
v0.5.0.M1
v0.5.0.M2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '918536ae79'
${ noResults }
spring-boot/spring-boot-samples/spring-boot-sample-web-secure
History
Dave Syer 0ccfba939e Switch to a matches-none filter for security.basic.enabled=false 
There were some residual issues to do with the changes to the implementation
of security.basic.enabled=false. It was a good idea to have a filetr chain
triggered by the flag being off because it smooths the way for user-defined
filter chains to use the Boot AuthenticationManager (as a first step at least),
but it wasn't a goog idea to add any actual secuity features to that filter.
E.g. if it has HSTS then even an app like Sagan that has some secure endpoints
that it manages itself and the rest is unsecured has issues because it can't
accept connections over HTTP even on unsecure endpoints.

TODO: find a way for security.ssl_enabled=true to apply to only the user-
defined security filter (maybe not possible or worth the effort, since they
can inject a SecurityProperties if they need it?).

See gh-928
 		11 years ago
..
src Switch to a matches-none filter for security.basic.enabled=false 11 years ago
pom.xml Man up and deal with CSRF in integration test 11 years ago