AADSecurityConfigWithIstioEnabled performs authentication with istio enabled
There is no difference in behavior when azure.istio.auth.enabled is true or false.
Both, AADSecurityConfig and AADSecurityConfigWithIstioEnabled.java performs same function.
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.authorizeRequests()
.antMatchers("/", "/index.html",
"/v2/api-docs",
"/configuration/ui",
"/swagger-resources/**",
"/configuration/security",
"/swagger",
"/swagger-ui.html",
"/webjars/**").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(appRoleAuthFilter, UsernamePasswordAuthenticationFilter.class);Vs
http.httpBasic().disable()
.csrf().disable();