Announcement Announcement Module
Collapse
No announcement yet.
Disable Spring security from xml configuration file Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Disable Spring security from xml configuration file

    Hi, I have a small issue and I hope somebody will help with a hint or something.

    I have a simple security spring security on my application and i need to have the ability to switch the security mode on/off by the configuration xml.

    My spring-security.xml

    Code:
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans 
            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/security 
            http://www.springframework.org/schema/security/spring-security-3.1.xsd">
            
    	<http auto-config="true">
    		<intercept-url pattern="/*" access="ROLE_ADMIN"/>
    		<logout logout-success-url="/mainpage" />
    	</http>
    
    	<authentication-manager>
    		<authentication-provider>
    			<user-service>
    				<user name="hey" password="there" authorities="ROLE_ADMIN" />
    			</user-service>
    		</authentication-provider>
    	</authentication-manager>
    
    </beans:beans>
    Maybe there is a simple way to set "disable mode" for it?

  • #2
    Originally posted by ttts View Post
    Hi, I have a small issue and I hope somebody will help with a hint or something.

    I have a simple security spring security on my application and i need to have the ability to switch the security mode on/off by the configuration xml.

    My spring-security.xml

    Code:
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans 
            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
            http://www.springframework.org/schema/security 
            http://www.springframework.org/schema/security/spring-security-3.1.xsd">
            
    	<http auto-config="true">
    		<intercept-url pattern="/*" access="ROLE_ADMIN"/>
    		<logout logout-success-url="/mainpage" />
    	</http>
    
    	<authentication-manager>
    		<authentication-provider>
    			<user-service>
    				<user name="hey" password="there" authorities="ROLE_ADMIN" />
    			</user-service>
    		</authentication-provider>
    	</authentication-manager>
    
    </beans:beans>
    Maybe there is a simple way to set "disable mode" for it?
    If you're just looking to disable UI security, then https://jira.springsource.org/browse/SEC-1494 may be appropriate. If you're trying to disable/enable your filters - you might take a look at spring's profiles to pick your filter chain based on your environment variables. I haven't tried that myself though.

    Comment

    Working...
    X