Commit Graph

6 Commits

Author SHA1 Message Date
Phillip Webb
8bcda1bcbe Polish 2014-05-20 18:26:56 +01:00
Dave Syer
14d3b46809 Add constants to SecurityProperties and ManagementServerProperties
For the convenience of users who want to selectively override the
access rules in an application without taking complete control of the
security configuration we now have some constants:

* SecurityProperties.ACCESS_OVERRIDE_ORDER for overriding just the
application endpoint access rules

* ManagementServerProperties.ACCESS_OVERRIDE_ORDER for overriding the
application endpoint and management endpoint access rules

Fixes gh-803
2014-05-08 05:32:43 -07:00
Phillip Webb
beaddb2362 Polish 2014-03-26 13:29:26 -07:00
Dave Syer
809a5a711f Add a @EnableWebSecurity if it looks like the user needs one
If the user explicitly disables the basic security features and forgets to
@EnableWebSecurity, and yet still wants a bean of type
WebSecurityConfigurerAdapter, he is trying to use a custom
security setup and the app would fail in a confusing way without
this change.

Fixes gh-568
2014-03-25 12:19:56 +00:00
Dave Syer
b21fdd3463 Switch default security filter back on
If the user sets security.basic.enabled=false he has to remember
to @EnableWebSecurity.  Possibly we could be more helpful about the
exception, but I think this might be pilot error.

Fixes gh-568
2014-03-25 07:51:25 +00:00
Dave Syer
d23dab3bd0 Change package name in sample 2014-01-22 09:34:56 +00:00