How to disabled spring-security by application.properties?

Question

I'd trying to activate basic authentication with password hash encryption.

@Configuration //gets picked up automatically by spring-boot
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
          auth.userDetailsService(details).passwordEncoder(new BCryptPasswordEncoder());
    }
}

I want the authentication only being active in production. So I'm trying to deactivate it in general at first, use:

security.basic.enabled=false

Result: the application is still secured. I'm presented with the username/password screen.

But how could I then disable the need for authentication?

Answer 1

Solved with ConditionalOnProperty:

@Configuration
@ConditionalOnProperty("security.basic.enabled")
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

}