From 88a8ef647ba030d877ac4c58434b507503398c8b Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Fri, 6 Jan 2023 13:56:56 -0700 Subject: [PATCH] Add Details about @Configuration Closes gh-12486 --- .../ROOT/pages/migration/reactive.adoc | 52 +++++++++++++++++++ .../ROOT/pages/migration/servlet/config.adoc | 52 +++++++++++++++++++ 2 files changed, 104 insertions(+) diff --git a/docs/modules/ROOT/pages/migration/reactive.adoc b/docs/modules/ROOT/pages/migration/reactive.adoc index b4da6efe4e..eab5e4e0a1 100644 --- a/docs/modules/ROOT/pages/migration/reactive.adoc +++ b/docs/modules/ROOT/pages/migration/reactive.adoc @@ -400,6 +400,58 @@ http { To opt-out of the 6.0 defaults and instead continue to pass `AuthenticationServiceException` on to ``ServerAuthenticationEntryPoint``s, you can follow the same steps as above, except set `rethrowAuthenticationServiceException` to false. +[[add-configuration-annotation]] +== Add `@Configuration` annotation + +In 6.0, `@Configuration` is removed from `@EnableWebFluxSecurity` and `@EnableReactiveMethodSecurity`. + +To prepare for this, wherever you are using one of these annotations, you may need to add `@Configuration`. +For example, `@EnableReactiveMethodSecurity` changes from: + +==== +.Java +[source,java,role="primary"] +---- +@EnableReactiveMethodSecurity +public class MyConfiguration { + // ... +} +---- + +.Kotlin +[source,java,role="primary"] +---- +@EnableReactiveMethodSecurity +open class MyConfiguration { + // ... +} +---- +==== + +to: + +==== +.Java +[source,java,role="primary"] +---- +@Configuration +@EnableReactiveMethodSecurity +public class MyConfiguration { + // ... +} +---- + +.Kotlin +[source,java,role="primary"] +---- +@Configuration +@EnableReactiveMethodSecurity +open class MyConfiguration { + // ... +} +---- +==== + == Address OAuth2 Client Deprecations === `ServerOAuth2AuthorizedClientExchangeFilterFunction` diff --git a/docs/modules/ROOT/pages/migration/servlet/config.adoc b/docs/modules/ROOT/pages/migration/servlet/config.adoc index 0d61382507..91c6aa10ba 100644 --- a/docs/modules/ROOT/pages/migration/servlet/config.adoc +++ b/docs/modules/ROOT/pages/migration/servlet/config.adoc @@ -2,6 +2,58 @@ The following steps relate to changes around how to configure `HttpSecurity`, `WebSecurity`, and `AuthenticationManager`. +[[add-configuration-annotation]] +== Add `@Configuration` annotation + +In 6.0, `@Configuration` is removed from `@EnableWebSecurity`, `@EnableMethodSecurity`, `@EnableGlobalMethodSecurity`, and `@EnableGlobalAuthentication`. + +To prepare for this, wherever you are using one of these annotations, you may need to add `@Configuration`. +For example, `@EnableMethodSecurity` changes from: + +==== +.Java +[source,java,role="primary"] +---- +@EnableMethodSecurity +public class MyConfiguration { + // ... +} +---- + +.Kotlin +[source,java,role="primary"] +---- +@EnableMethodSecurity +open class MyConfiguration { + // ... +} +---- +==== + +to: + +==== +.Java +[source,java,role="primary"] +---- +@Configuration +@EnableMethodSecurity +public class MyConfiguration { + // ... +} +---- + +.Kotlin +[source,java,role="primary"] +---- +@Configuration +@EnableMethodSecurity +open class MyConfiguration { + // ... +} +---- +==== + [[use-new-requestmatchers]] == Use the new `requestMatchers` methods