Add Details about @Configuration

Closes gh-12486
This commit is contained in:
Josh Cummings 2023-01-06 13:56:56 -07:00
parent 5e1db6a771
commit 88a8ef647b
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
2 changed files with 104 additions and 0 deletions

View File

@ -400,6 +400,58 @@ http {
To opt-out of the 6.0 defaults and instead continue to pass `AuthenticationServiceException` on to ``ServerAuthenticationEntryPoint``s, you can follow the same steps as above, except set `rethrowAuthenticationServiceException` to false. To opt-out of the 6.0 defaults and instead continue to pass `AuthenticationServiceException` on to ``ServerAuthenticationEntryPoint``s, you can follow the same steps as above, except set `rethrowAuthenticationServiceException` to false.
[[add-configuration-annotation]]
== Add `@Configuration` annotation
In 6.0, `@Configuration` is removed from `@EnableWebFluxSecurity` and `@EnableReactiveMethodSecurity`.
To prepare for this, wherever you are using one of these annotations, you may need to add `@Configuration`.
For example, `@EnableReactiveMethodSecurity` changes from:
====
.Java
[source,java,role="primary"]
----
@EnableReactiveMethodSecurity
public class MyConfiguration {
// ...
}
----
.Kotlin
[source,java,role="primary"]
----
@EnableReactiveMethodSecurity
open class MyConfiguration {
// ...
}
----
====
to:
====
.Java
[source,java,role="primary"]
----
@Configuration
@EnableReactiveMethodSecurity
public class MyConfiguration {
// ...
}
----
.Kotlin
[source,java,role="primary"]
----
@Configuration
@EnableReactiveMethodSecurity
open class MyConfiguration {
// ...
}
----
====
== Address OAuth2 Client Deprecations == Address OAuth2 Client Deprecations
=== `ServerOAuth2AuthorizedClientExchangeFilterFunction` === `ServerOAuth2AuthorizedClientExchangeFilterFunction`

View File

@ -2,6 +2,58 @@
The following steps relate to changes around how to configure `HttpSecurity`, `WebSecurity`, and `AuthenticationManager`. The following steps relate to changes around how to configure `HttpSecurity`, `WebSecurity`, and `AuthenticationManager`.
[[add-configuration-annotation]]
== Add `@Configuration` annotation
In 6.0, `@Configuration` is removed from `@EnableWebSecurity`, `@EnableMethodSecurity`, `@EnableGlobalMethodSecurity`, and `@EnableGlobalAuthentication`.
To prepare for this, wherever you are using one of these annotations, you may need to add `@Configuration`.
For example, `@EnableMethodSecurity` changes from:
====
.Java
[source,java,role="primary"]
----
@EnableMethodSecurity
public class MyConfiguration {
// ...
}
----
.Kotlin
[source,java,role="primary"]
----
@EnableMethodSecurity
open class MyConfiguration {
// ...
}
----
====
to:
====
.Java
[source,java,role="primary"]
----
@Configuration
@EnableMethodSecurity
public class MyConfiguration {
// ...
}
----
.Kotlin
[source,java,role="primary"]
----
@Configuration
@EnableMethodSecurity
open class MyConfiguration {
// ...
}
----
====
[[use-new-requestmatchers]] [[use-new-requestmatchers]]
== Use the new `requestMatchers` methods == Use the new `requestMatchers` methods