Skip to content

Leave Filter Chain Observations Off By Default #15858

New issue
New issue
Open
Open
Leave Filter Chain Observations Off By Default#15858
Assignees
jzheaux
Labels
in: configAn issue in spring-security-configtype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement
Milestone
7.0.x
@jzheaux

Description

@jzheaux
jzheaux
opened on Sep 26, 2024
Contributor

The current default in Spring Security is that all its observations--filter chain, authentication, and authorization--are made.

In #15678, SecurityObservationSettings was added so that applications could easily change these settings. Its default is that filter chain observations are off. That is, one can opt-in to the new set of defaults by publishing this bean.

This should become the default setting even if there isn't a SecurityObservationSettings bean present.

Activity

jzheaux
added
in: configAn issue in spring-security-config
type: enhancementA general enhancement
type: breaks-passivityA change that breaks passivity with the previous release
on Sep 26, 2024
jzheaux
added this to the 7.0.x milestone on Sep 26, 2024
jzheaux
self-assigned this
on Sep 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

in: configAn issue in spring-security-configtype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @jzheaux

      Issue actions
        Leave Filter Chain Observations Off By Default · Issue #15858 · spring-projects/spring-security