Spring Security Ability to disable anonymous authentication in RSocketSecurity

Expected Behavior

RSocketSecurity dsl should have ability to disable anonymous auth interceptor

Current Behavior

RSocketSecurity has hardcode in private method that adds anonymous interceptor no matter what

Context

I'm doing method-level security and rely on @PreAuthorize("authenticated"), my global security config has just permitAll. So anonymous authentication ruining my rsocket experience, for http security i can just disable it. As workaround i constructed PayloadSocketAcceptorInterceptor entirely by hand, but this process is quite tedious, it would be nice to be able to disable it in RSocketSecurity dsl like in http.

Comment From: jzheaux

Thanks for the suggestion, @Aaur1s. Are you able to submit a PR to add this? I think just the ability to disable will be fine for the time being since there are no other configurable aspects of AnonymousPayloadInterceptor.

Comment From: Aaur1s

Hey, I didn't able to answer in time, sorry. Thank you for your work!

Comment From: mehrdadbozorgmehr

Can I work on this issue? Please assign it to me.

Comment From: therepanic

Hi, @mehrdadbozorgmehr! You may have noticed that I attached the PR earlier and am already working on it. You can follow the process at https://github.com/spring-projects/spring-security/pull/17159.

Comment From: jzheaux

Thanks for your interest, @mehrdadbozorgmehr. We'd love to have you contribute on another ticket!

I'll close this in favor of https://github.com/spring-projects/spring-security/pull/17159 to alleviate confusion.