Which two statements are true regarding Spring Security? (Choose two.)
Which two statements are true regarding Spring Security? (Choose two.)
Spring Security allows configuring access control at the method level, enabling fine-grained security management through annotations and configuration. Additionally, Spring Security supports various mechanisms for accessing authentication data, such as databases, LDAP, and more, providing flexibility in how authentication information is retrieved and managed.
A,C correct
permitAll() does not bypass security entirely, it just allows access to the specified matcher, but other security related filters still run. e.g. cors, cqrs ...
Correct. The only way to bypass Spring Security completely is to use a WebSecurityCustomizer with the .ignore() method.
A and C.
A and C are the best answer