DEV Community

loading...
Cover image for Debugging Spring Security
Focused Labs

Debugging Spring Security

Parker Drake
Originally published at focusedlabs.io Updated on ・1 min read

Spring Security is hard to debug and hard to test. Make your life easier with significantly better log output by using debug = true in the EnableWebSecurity annotation:

@EnableWebSecurity(debug = true)
public class CustomConfig extends WebSecurityConfigurerAdapter {
    // your config here
}
Enter fullscreen mode Exit fullscreen mode

Don't use this in production!

Discussion (2)

Collapse
elmuerte profile image
Michiel Hendriks

It is better to handle this via a property in your WebSecurityConfigurerAdapter

@EnableWebSecurity
public class CustomConfig extends WebSecurityConfigurerAdapter {

    @Value("${spring.security.debug:false}")
    boolean securityDebug;

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.debug(securityDebug);
    }
}
Enter fullscreen mode Exit fullscreen mode
Collapse
jamesmcmahon profile image
James McMahon

Thanks for writing this one down. The information is out there of course, but I have worked with Spring Security for so long not knowing about this switch.