Vaadin：您要求 Spring Security 忽略...这不推荐吗？

Question

启动我的应用程序时，我在日志中看到以下警告：

...
2022-09-05 09:14:56,557 WARN  [main] org.springframework.security.config.annotation.web.builders.WebSecurity: 
You are asking Spring Security to ignore Or [Ant [pattern='/favicon.ico'], Ant [pattern='/manifest.webmanifest'], Ant [pattern='/sw.js'], Ant [pattern='/sw-runtime-resources-precache.js'], Ant [pattern='/offline.html'], Ant [pattern='/offline-stub.html'], Ant [pattern='/icons/icon.png'], Ant [pattern='/themes/**'], Ant [pattern='/icons/icon-144x144.png'], Ant [pattern='/icons/icon-192x192.png'], Ant [pattern='/icons/icon-512x512.png'], Ant [pattern='/icons/icon-16x16.png'], Ant [pattern='/icons/icon-32x32.png'], Ant [pattern='/icons/icon-96x96.png'], Ant [pattern='/icons/icon-180x180.png'], Ant [pattern='/icons/icon-2048x2732.png'], Ant [pattern='/icons/icon-2732x2048.png'], Ant [pattern='/icons/icon-1668x2388.png'], Ant [pattern='/icons/icon-2388x1668.png'], Ant [pattern='/icons/icon-1668x2224.png'], Ant [pattern='/icons/icon-2224x1668.png'], Ant [pattern='/icons/icon-1620x2160.png'], Ant [pattern='/icons/icon-2160x1620.png'], Ant [pattern='/icons/icon-1536x2048.png'], Ant [pattern='/icons/icon-2048x1536.png'], Ant [pattern='/icons/icon-1284x2778.png'], Ant [pattern='/icons/icon-2778x1284.png'], Ant [pattern='/icons/icon-1170x2532.png'], Ant [pattern='/icons/icon-2532x1170.png'], Ant [pattern='/icons/icon-1125x2436.png'], Ant [pattern='/icons/icon-2436x1125.png'], Ant [pattern='/icons/icon-1242x2688.png'], Ant [pattern='/icons/icon-2688x1242.png'], Ant [pattern='/icons/icon-828x1792.png'], Ant [pattern='/icons/icon-1792x828.png'], Ant [pattern='/icons/icon-1242x2208.png'], Ant [pattern='/icons/icon-2208x1242.png'], Ant [pattern='/icons/icon-750x1334.png'], Ant [pattern='/icons/icon-1334x750.png'], Ant [pattern='/icons/icon-640x1136.png'], Ant [pattern='/icons/icon-1136x640.png']]. 
This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.
...

请告知我需要做什么/添加什么才能消除该警告。

我的 SecurityConfiguration 看起来像这样（从示例应用程序复制）：

...package and imports omitted for brevity

@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends VaadinWebSecurityConfigurerAdapter
{
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        setLoginView(http, LoginView.class);
    }

    @Bean
    @Override
    public UserDetailsService userDetailsService() {
        ... omitted user details handling for brevity ...
    }
}

我正在使用 Vaadin 23.1.2 和 Java 17。

Answer 1

您可以忽略该警告。

已报告问题，很快就会修复

https://github.com/vaadin/flow/issues/13868