spring-projects/spring-security#11027 has changed the Spring Security default by applying authorization to every request.
Currently, to apply the FilterChainProxy to all dispatcher types using Spring Boot, one can do:
spring.security.filter.dispatcher-types=request,async,error,forward,include, where the default are just request,async,error.
Spring Boot should register the FilterChainProxy to all dispatcher types by default to better align with Spring Security defaults.
spring-projects/spring-security#11027 has changed the Spring Security default by applying authorization to every request.
Currently, to apply the
FilterChainProxyto all dispatcher types using Spring Boot, one can do:spring.security.filter.dispatcher-types=request,async,error,forward,include, where the default are justrequest,async,error.Spring Boot should register the
FilterChainProxyto all dispatcher types by default to better align with Spring Security defaults.