DefaultSecurityFilterChain: Wrong log message "Will not secure"

[SebastianS90]

Describe the bug
Log displays Will not secure ... instead of Will secure ... with ....

To Reproduce
Configure a SecurityFilterChain bean and use log level info.

Expected behavior
Log shows Will secure ... with ....

The condition here needs to be inverted.

[linghengqian]

In my test of spring security 5.6.2, some SecurityFilterChain​ Beans are also will not secure, while others are will secure.
Is DefaultSecurityFilterChain​ class intentional in judging the processing of the filter? I didn't see enough information in the official website documentation.

[jzheaux]

Hi, @linghengqian. If no filters are assigned to that particular request, then Spring Security can do no securing. Typically, this is induced by using web.ignoring() which skips all Spring Security filters for that request.