diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java index c868b29ba33..5cbc392537a 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java @@ -1,5 +1,5 @@ /* - * Copyright 2019-2024 the original author or authors. + * Copyright 2019-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -109,6 +109,7 @@ * @author Manuel Tejeda * @author Ebert Toribio * @author Ngoc Nhan + * @author Andrey Litvitski * @since 5.2 */ public class RSocketSecurity { @@ -119,6 +120,8 @@ public class RSocketSecurity { private SimpleAuthenticationSpec simpleAuthSpec; + private boolean disableAnonymous; + private JwtSpec jwtSpec; private AuthorizePayloadsSpec authorizePayload; @@ -179,6 +182,15 @@ public RSocketSecurity basicAuthentication(Customizer b return this; } + /** + * Disables anonymous authentication. + * @return the builder for additional customizations + */ + public RSocketSecurity disableAnonymous() { + this.disableAnonymous = true; + return this; + } + public RSocketSecurity jwt(Customizer jwt) { if (this.jwtSpec == null) { this.jwtSpec = new JwtSpec(); @@ -214,7 +226,9 @@ private List payloadInterceptors() { if (this.jwtSpec != null) { result.addAll(this.jwtSpec.build()); } - result.add(anonymous()); + if (!this.disableAnonymous) { + result.add(anonymous()); + } if (this.authorizePayload != null) { result.add(this.authorizePayload.build()); }