DEV Community

Cover image for Debugging Spring Security
Parker Drake for Focused Labs

Posted on • Updated on • Originally published at focusedlabs.io

Debugging Spring Security

Spring Security is hard to debug and hard to test. Make your life easier with significantly better log output by using debug = true in the EnableWebSecurity annotation:

@EnableWebSecurity(debug = true)
public class CustomConfig extends WebSecurityConfigurerAdapter {
    // your config here
}
Enter fullscreen mode Exit fullscreen mode

Don't use this in production!

Discussion (2)

Collapse
elmuerte profile image
Michiel Hendriks

It is better to handle this via a property in your WebSecurityConfigurerAdapter

@EnableWebSecurity
public class CustomConfig extends WebSecurityConfigurerAdapter {

    @Value("${spring.security.debug:false}")
    boolean securityDebug;

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.debug(securityDebug);
    }
}
Enter fullscreen mode Exit fullscreen mode
Collapse
jamesmcmahon profile image
James McMahon

Thanks for writing this one down. The information is out there of course, but I have worked with Spring Security for so long not knowing about this switch.