DEV Community

Cover image for Debugging Spring Security
Focused profile image Parker Drake
Parker Drake for Focused

Posted on • Edited on • Originally published at focusedlabs.io

Debugging Spring Security

#security #spring #bloggolf #todayilearned

Spring Security is hard to debug and hard to test. Make your life easier with significantly better log output by using debug = true in the EnableWebSecurity annotation:

@EnableWebSecurity(debug = true)
public class CustomConfig extends WebSecurityConfigurerAdapter {
    // your config here
}
Enter fullscreen mode Exit fullscreen mode

Don't use this in production!

Top comments (2)

Collapse
 
elmuerte profile image
Michiel Hendriks

It is better to handle this via a property in your WebSecurityConfigurerAdapter

@EnableWebSecurity
public class CustomConfig extends WebSecurityConfigurerAdapter {

    @Value("${spring.security.debug:false}")
    boolean securityDebug;

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.debug(securityDebug);
    }
}
Enter fullscreen mode Exit fullscreen mode
Collapse
 
jamesmcmahon profile image
James McMahon

Thanks for writing this one down. The information is out there of course, but I have worked with Spring Security for so long not knowing about this switch.

Read next

raphaeldelio profile image

Don't forget to flush! — Ensuring Data Integrity in Spring Data JPA

Raphael De Lio -

saaransh_gupta_1903 profile image

Handling JWT Authentications Securely: Pitfalls and Best Practices

Saaransh Gupta -

bytehackr profile image

LINUX Systems Under Attack via Printing System (CUPS)

Sandipan Roy -

anh_trntun_4732cf3d299 profile image

Dynamic Proxy in Spring: A Comprehensive Guide with Examples and Demos

Anh Trần Tuấn -