'How to disable authenticated access in Spring Security?
For dev and testing environments, I would like to disable authenticated @RestController access entirely throughout the application.
Is there any advantage or disadvantage using configured .anonymous() access over .permitAll()? Both works...
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
return http.anonymous().build();
//or
return http.authorizeExchange()
.anyExchange().permitAll()
.build();
}
Solution 1:[1]
if you want everyone(authenticated or unauthenticated) to access your url go with permitall() ,but if want your url to access only by unauthenticated users use anonymous()
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | vikas |