Merge branch '5.8.x'

2022-08-30 12:59:19 -05:00 · 2022-08-30 12:59:19 -05:00 · 3eac274317
parent 00584327bd 5bdbc3f78d
commit 3eac274317
5 changed files with 394 additions and 316 deletions
--- a/config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
+++ b/config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
@ -34,19 +34,21 @@ import jakarta.servlet.http.HttpServletRequest
 * ```
 * @Configuration
 * @EnableWebSecurity
- * class SecurityConfig : WebSecurityConfigurerAdapter() {
+ * class SecurityConfig {
 *
- *  override fun configure(http: HttpSecurity) {
+ *     @Bean
- *      http {
+ *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
- *          authorizeRequests {
+ *         http {
- *              authorize("/public", permitAll)
+ *             authorizeRequests {
- *              authorize(anyRequest, authenticated)
+ *                 authorize("/public", permitAll)
- *          }
+ *                 authorize(anyRequest, authenticated)
- *          formLogin {
+ *             }
- *              loginPage = "/log-in"
+ *             formLogin {
- *          }
+ *                 loginPage = "/log-in"
- *      }
+ *             }
- *  }
+ *         }
 *         return http.build()
 *     }
 * }
 * ```
 *
@ -85,16 +87,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          securityMatcher("/private/&ast;&ast;")
+     *         http {
-     *          formLogin {
+     *             securityMatcher("/private/&ast;&ast;")
-     *              loginPage = "/log-in"
+     *             formLogin {
-     *          }
+     *                 loginPage = "/log-in"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -126,16 +130,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          securityMatcher(AntPathRequestMatcher("/private/&ast;&ast;"))
+     *         http {
-     *          formLogin {
+     *             securityMatcher(AntPathRequestMatcher("/private/&ast;&ast;"))
-     *              loginPage = "/log-in"
+     *             formLogin {
-     *          }
+     *                 loginPage = "/log-in"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -156,15 +162,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          formLogin {
+     *         http {
-     *              loginPage = "/log-in"
+     *             formLogin {
-     *          }
+     *                 loginPage = "/log-in"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -185,16 +193,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          authorizeRequests {
+     *         http {
-     *              authorize("/public", permitAll)
+     *             authorizeRequests {
-     *              authorize(anyRequest, authenticated)
+     *                 authorize("/public", permitAll)
-     *          }
+     *                 authorize(anyRequest, authenticated)
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -217,16 +227,16 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * @EnableWebSecurity
     * class SecurityConfig {
     *
-     *  @Bean
+     *     @Bean
-     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *      http {
+     *         http {
-     *          authorizeHttpRequests {
+     *             authorizeHttpRequests {
-     *              authorize("/public", permitAll)
+     *                 authorize("/public", permitAll)
-     *              authorize(anyRequest, authenticated)
+     *                 authorize(anyRequest, authenticated)
-     *          }
+     *             }
-     *      }
+     *         }
-     *      return http.build()
+     *         return http.build()
-     *  }
+     *     }
     * }
     * ```
     *
@ -248,15 +258,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          httpBasic {
+     *         http {
-     *              realmName = "Custom Realm"
+     *             httpBasic {
-     *          }
+     *                 realmName = "Custom Realm"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -277,15 +289,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          passwordManagement {
+     *         http {
-     *              changePasswordPage = "/custom-change-password-page"
+     *             passwordManagement {
-     *          }
+     *                 changePasswordPage = "/custom-change-password-page"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -307,17 +321,19 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          headers {
+     *         http {
-     *              referrerPolicy {
+     *             headers {
-     *                  policy = ReferrerPolicy.SAME_ORIGIN
+     *                 referrerPolicy {
-     *              }
+     *                     policy = ReferrerPolicy.SAME_ORIGIN
-     *          }
+     *                 }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -338,15 +354,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          cors {
+     *         http {
-     *              disable()
+     *             cors {
-     *          }
+     *                 disable()
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -367,18 +385,20 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          sessionManagement {
+     *         http {
-     *              invalidSessionUrl = "/invalid-session"
+     *             sessionManagement {
-     *              sessionConcurrency {
+     *                 invalidSessionUrl = "/invalid-session"
-     *                  maximumSessions = 1
+     *                 sessionConcurrency {
-     *              }
+     *                     maximumSessions = 1
-     *          }
+     *                 }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -399,15 +419,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          portMapper {
+     *         http {
-     *              map(80, 443)
+     *             portMapper {
-     *          }
+     *                 map(80, 443)
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -428,16 +450,18 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          requiresChannel {
+     *         http {
-     *              secure("/public", requiresInsecure)
+     *             requiresChannel {
-     *              secure(anyRequest, requiresSecure)
+     *                 secure("/public", requiresInsecure)
-     *          }
+     *                 secure(anyRequest, requiresSecure)
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -458,13 +482,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          x509 { }
+     *         http {
-     *      }
+     *             x509 { }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -486,13 +512,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          requestCache { }
+     *         http {
-     *      }
+     *             requestCache { }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -513,15 +541,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          exceptionHandling {
+     *         http {
-     *              accessDeniedPage = "/access-denied"
+     *             exceptionHandling {
-     *          }
+     *                 accessDeniedPage = "/access-denied"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -542,13 +572,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          csrf { }
+     *         http {
-     *      }
+     *             csrf { }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -568,15 +600,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          logout {
+     *         http {
-     *              logoutUrl = "/log-out"
+     *             logout {
-     *          }
+     *                 logoutUrl = "/log-out"
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -599,15 +633,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          saml2Login {
+     *         http {
-     *              relyingPartyRegistration = getSaml2RelyingPartyRegistration()
+     *             saml2Login {
-     *          }
+     *                 relyingPartyRegistration = getSaml2RelyingPartyRegistration()
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -628,15 +664,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          anonymous {
+     *         http {
-     *              authorities = listOf(SimpleGrantedAuthority("ROLE_ANON"))
+     *             anonymous {
-     *          }
+     *                 authorities = listOf(SimpleGrantedAuthority("ROLE_ANON"))
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -659,15 +697,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Login {
+     *         http {
-     *              clientRegistrationRepository = getClientRegistrationRepository()
+     *             oauth2Login {
-     *          }
+     *                 clientRegistrationRepository = getClientRegistrationRepository()
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -688,13 +728,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Client { }
+     *         http {
-     *      }
+     *             oauth2Client { }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -715,15 +757,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2ResourceServer {
+     *         http {
-     *              jwt { }
+     *             oauth2ResourceServer {
-     *          }
+     *                 jwt { }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -744,15 +788,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          rememberMe {
+     *         http {
-     *              tokenValiditySeconds = 604800
+     *             rememberMe {
-     *          }
+     *                 tokenValiditySeconds = 604800
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -772,13 +818,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
+     *         http {
-     *      }
+     *             addFilterAt(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -800,12 +848,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *     override fun configure(http: HttpSecurity) {
+     *     @Bean
     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
     *         http {
     *             addFilterAt<UsernamePasswordAuthenticationFilter>(CustomFilter())
     *         }
     *         return http.build()
     *     }
     * }
     * ```
@ -827,13 +877,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
+     *         http {
-     *      }
+     *             addFilterAfter(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -855,12 +907,14 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *     override fun configure(http: HttpSecurity) {
+     *     @Bean
     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
     *         http {
     *             addFilterAfter<UsernamePasswordAuthenticationFilter>(CustomFilter())
     *         }
     *         return http.build()
     *     }
     * }
     * ```
@ -882,13 +936,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
+     *         http {
-     *      }
+     *             addFilterBefore(CustomFilter(), UsernamePasswordAuthenticationFilter::class.java)
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -910,13 +966,15 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *    override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *        http {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *            addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
+     *         http {
-     *        }
+     *             addFilterBefore<UsernamePasswordAuthenticationFilter>(CustomFilter())
-     *    }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -945,15 +1003,17 @@ class HttpSecurityDsl(private val http: HttpSecurity, private val init: HttpSecu
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
     *        http {
     *           securityContext {
     *               securityContextRepository = SECURITY_CONTEXT_REPOSITORY
     *           }
     *        }
-     *  }
+     *        return http.build()
     *     }
     * }
     * ```
     * @author Norbert Nowak
--- a/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDsl.kt
+++ b/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ClientDsl.kt
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -66,17 +66,19 @@ class OAuth2ClientDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      httpSecurity(http) {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Client {
+     *         http {
-     *              authorizationCodeGrant {
+     *             oauth2Client {
-     *                  authorizationRequestResolver = getAuthorizationRequestResolver()
+     *                 authorizationCodeGrant {
-     *              }
+     *                     authorizationRequestResolver = getAuthorizationRequestResolver()
-     *          }
+     *                 }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
--- a/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDsl.kt
+++ b/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2LoginDsl.kt
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -97,17 +97,19 @@ class OAuth2LoginDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      httpSecurity(http) {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Login {
+     *         http {
-     *              authorizationEndpoint {
+     *             oauth2Login {
-     *                  baseUri = "/auth"
+     *                 authorizationEndpoint {
-     *              }
+     *                     baseUri = "/auth"
-     *          }
+     *                 }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -127,16 +129,18 @@ class OAuth2LoginDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *  @Bean
-     *      httpSecurity(http) {
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Login {
+     *         http {
-     *              tokenEndpoint {
+     *             oauth2Login {
-     *                  accessTokenResponseClient = getAccessTokenResponseClient()
+     *                 tokenEndpoint {
-     *              }
+     *                     accessTokenResponseClient = getAccessTokenResponseClient()
-     *          }
+     *                 }
-     *      }
+     *             }
     *         }
     *         return http.build()
     *  }
     * }
     * ```
@ -157,16 +161,18 @@ class OAuth2LoginDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *  @Bean
-     *      httpSecurity(http) {
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Login {
+     *         http {
-     *              redirectionEndpoint {
+     *             oauth2Login {
-     *                  baseUri = "/home"
+     *                 redirectionEndpoint {
-     *              }
+     *                     baseUri = "/home"
-     *          }
+     *                 }
-     *      }
+     *             }
     *         }
     *         return http.build()
     *  }
     * }
     * ```
@ -187,16 +193,18 @@ class OAuth2LoginDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *  @Bean
-     *      httpSecurity(http) {
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2Login {
+     *         http {
-     *              userInfoEndpoint {
+     *             oauth2Login {
-     *                  userService = getUserService()
+     *                 userInfoEndpoint {
-     *              }
+     *                     userService = getUserService()
-     *          }
+     *                 }
-     *      }
+     *             }
     *         }
     *         return http.build()
     *  }
     * }
     * ```
--- a/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDsl.kt
+++ b/config/src/main/kotlin/org/springframework/security/config/annotation/web/OAuth2ResourceServerDsl.kt
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -57,17 +57,19 @@ class OAuth2ResourceServerDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      httpSecurity(http) {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2ResourceServer {
+     *         http {
-     *              jwt {
+     *             oauth2ResourceServer {
-     *                  jwkSetUri = "https://example.com/oauth2/jwk"
+     *                 jwt {
-     *              }
+     *                     jwkSetUri = "https://example.com/oauth2/jwk"
-     *          }
+     *                 }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
@ -86,15 +88,17 @@ class OAuth2ResourceServerDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *     @Bean
-     *      httpSecurity(http) {
+     *     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          oauth2ResourceServer {
+     *         http {
-     *              opaqueToken { }
+     *             oauth2ResourceServer {
-     *          }
+     *                 opaqueToken { }
-     *      }
+     *             }
-     *  }
+     *         }
     *         return http.build()
     *     }
     * }
     * ```
     *
--- a/config/src/main/kotlin/org/springframework/security/config/annotation/web/SessionManagementDsl.kt
+++ b/config/src/main/kotlin/org/springframework/security/config/annotation/web/SessionManagementDsl.kt
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -52,14 +52,16 @@ class SessionManagementDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *  @Bean
-     *      httpSecurity(http) {
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          sessionManagement {
+     *         http {
-     *              sessionFixation { }
+     *             sessionManagement {
-     *          }
+     *                 sessionFixation { }
-     *      }
+     *             }
     *         }
     *         return http.build()
     *  }
     * }
     * ```
@ -80,17 +82,19 @@ class SessionManagementDsl {
     * ```
     * @Configuration
     * @EnableWebSecurity
-     * class SecurityConfig : WebSecurityConfigurerAdapter() {
+     * class SecurityConfig {
     *
-     *  override fun configure(http: HttpSecurity) {
+     *  @Bean
-     *      httpSecurity(http) {
+     *  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
-     *          sessionManagement {
+     *         http {
-     *              sessionConcurrency {
+     *             sessionManagement {
-     *                  maximumSessions = 1
+     *                 sessionConcurrency {
-     *                  maxSessionsPreventsLogin = true
+     *                     maximumSessions = 1
-     *              }
+     *                     maxSessionsPreventsLogin = true
-     *          }
+     *                 }
-     *      }
+     *             }
     *         }
     *         return http.build()
     *  }
     * }
     * ```