Add a @EnableWebSecurity if it looks like the user needs one

If the user explicitly disables the basic security features and forgets to
@EnableWebSecurity, and yet still wants a bean of type
WebSecurityConfigurerAdapter, he is trying to use a custom
security setup and the app would fail in a confusing way without
this change.

Fixes gh-568
This commit is contained in:
Dave Syer
2014-03-25 12:16:31 +00:00
parent 60fe468af9
commit 809a5a711f
4 changed files with 29 additions and 4 deletions

View File

@@ -35,7 +35,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
@EnableAutoConfiguration
@ComponentScan
@Controller
public class SampleSecureApplication extends WebMvcConfigurerAdapter {
public class SampleWebSecureApplication extends WebMvcConfigurerAdapter {
@RequestMapping("/")
public String home(Map<String, Object> model) {
@@ -52,7 +52,7 @@ public class SampleSecureApplication extends WebMvcConfigurerAdapter {
public static void main(String[] args) throws Exception {
// Set user password to "password" for demo purposes only
new SpringApplicationBuilder(SampleSecureApplication.class).properties("security.user.password=password").run(
new SpringApplicationBuilder(SampleWebSecureApplication.class).properties("security.user.password=password").run(
args);
}