Skip to content

Leave Filter Chain Observations Off By Default #15858

New issue
New issue
Open
Open
Leave Filter Chain Observations Off By Default#15858
Assignees
jzheaux
Labels
in: configAn issue in spring-security-configtype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement
Milestone
 
7.0.x
@jzheaux

Description

@jzheaux
jzheaux
opened on Sep 26, 2024

The current default in Spring Security is that all its observations--filter chain, authentication, and authorization--are made.

In #15678, SecurityObservationSettings was added so that applications could easily change these settings. Its default is that filter chain observations are off. That is, one can opt-in to the new set of defaults by publishing this bean.

This should become the default setting even if there isn't a SecurityObservationSettings bean present.

Metadata

Metadata

Assignees

Labels

in: configAn issue in spring-security-configtype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions