The problem was not in the security configuration. The problem was that, by having all the classes separated into packages, in the App class that launches the application, you must indicate all the packages in which Spring has to look for Beans. That is, you must add the annotations @ComponentScan, @EntityScan and @EnableJpaRepositories

@ComponentScan(basePackages = {"com.pgsanchez.ww2dates.controller", 
        "com.pgsanchez.ww2dates.dao", 
        "com.pgsanchez.ww2dates.securingweb",
        "com.pgsanchez.ww2dates.service",
        "com.pgsanchez.ww2dates"})
@EntityScan(basePackages= {"com.pgsanchez.ww2dates.model"}) //Packages donde tiene que buscar clases del modelo
@EnableJpaRepositories(basePackages= {"com.pgsanchez.ww2dates.dao"})
@SpringBootApplication
public class Ww2datesJpaApplication {

    public static void main(String[] args) {
        SpringApplication.run(Ww2datesJpaApplication.class, args);
    }

}

An important thing is that, when the configuration is not correct, or when something is missing, as in this case, Spring activates security by default, which blocks all pages and tells you, in the console, the password with which you must access . That's why that message always appeared.