JAVA-14676 Update spring-boot-security module under spring-boot-modules to remove usage of deprecated WebSecurityConfigurerAdapter
This commit is contained in:
parent
171e4bd7c8
commit
2901f17a2e
|
@ -2,16 +2,13 @@ package com.baeldung.annotations.globalmethod;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
||||||
|
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class AnnotationSecuredStaticResourceConfig extends WebSecurityConfigurerAdapter {
|
public class AnnotationSecuredStaticResourceConfig {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public WebSecurityCustomizer ignoreResources() {
|
public WebSecurityCustomizer ignoreResources() {
|
||||||
|
|
|
@ -1,29 +1,29 @@
|
||||||
package com.baeldung.annotations.websecurity;
|
package com.baeldung.annotations.websecurity;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter {
|
public class CustomWebSecurityConfig {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http.authorizeRequests()
|
||||||
.authorizeRequests()
|
.antMatchers("/admin/**")
|
||||||
.antMatchers("/admin/**")
|
.hasRole("ADMIN")
|
||||||
.hasRole("ADMIN")
|
.antMatchers("/protected/**")
|
||||||
.antMatchers("/protected/**")
|
.hasRole("USER");
|
||||||
.hasRole("USER");
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
public void configure(WebSecurity web) throws Exception {
|
public WebSecurityCustomizer webSecurityCustomizer() {
|
||||||
web
|
return (web) -> web.ignoring()
|
||||||
.ignoring()
|
.antMatchers("/public/*");
|
||||||
.antMatchers("/public/*");
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,28 +2,29 @@ package com.baeldung.integrationtesting;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
public class WebSecurityConfigurer {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||||
|
UserDetails user = User.withUsername("spring")
|
||||||
BCryptPasswordEncoder encoder = passwordEncoder();
|
.password(passwordEncoder.encode("secret"))
|
||||||
|
.roles("USER")
|
||||||
auth.inMemoryAuthentication()
|
.build();
|
||||||
.passwordEncoder(encoder)
|
|
||||||
.withUser("spring")
|
return new InMemoryUserDetailsManager(user);
|
||||||
.password(encoder.encode("secret"))
|
|
||||||
.roles("USER");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http.authorizeRequests()
|
http.authorizeRequests()
|
||||||
.antMatchers("/private/**")
|
.antMatchers("/private/**")
|
||||||
.hasRole("USER")
|
.hasRole("USER")
|
||||||
|
@ -31,6 +32,7 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.and()
|
.and()
|
||||||
.httpBasic();
|
.httpBasic();
|
||||||
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|
|
@ -1,38 +1,48 @@
|
||||||
package com.baeldung.springbootsecurity.autoconfig.config;
|
package com.baeldung.springbootsecurity.autoconfig.config;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class BasicConfiguration extends WebSecurityConfigurerAdapter {
|
public class BasicConfiguration {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||||
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
UserDetails user = User.withUsername("user")
|
||||||
auth
|
.password(passwordEncoder.encode("password"))
|
||||||
.inMemoryAuthentication()
|
.roles("USER")
|
||||||
.withUser("user")
|
.build();
|
||||||
.password(encoder.encode("password"))
|
|
||||||
.roles("USER")
|
UserDetails admin = User.withUsername("admin")
|
||||||
.and()
|
.password(passwordEncoder.encode("admin"))
|
||||||
.withUser("admin")
|
.roles("USER", "ADMIN")
|
||||||
.password(encoder.encode("admin"))
|
.build();
|
||||||
.roles("USER", "ADMIN");
|
|
||||||
|
return new InMemoryUserDetailsManager(user, admin);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
http
|
http.authorizeRequests()
|
||||||
.authorizeRequests()
|
.anyRequest()
|
||||||
.anyRequest()
|
.authenticated()
|
||||||
.authenticated()
|
.and()
|
||||||
.and()
|
.httpBasic();
|
||||||
.httpBasic();
|
return http.build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public PasswordEncoder passwordEncoder() {
|
||||||
|
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||||
|
return encoder;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,37 +2,43 @@ package com.baeldung.springsecuritytaglibs.config;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.core.userdetails.User;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
public class SpringBootSecurityTagLibsConfig extends WebSecurityConfigurerAdapter {
|
public class SpringBootSecurityTagLibsConfig {
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||||
BCryptPasswordEncoder encoder = passwordEncoder();
|
UserDetails user = User.withUsername("testUser")
|
||||||
auth.inMemoryAuthentication()
|
.password(passwordEncoder.encode("password"))
|
||||||
.passwordEncoder(encoder)
|
.roles("ADMIN")
|
||||||
.withUser("testUser")
|
.build();
|
||||||
.password(encoder.encode("password"))
|
|
||||||
.roles("ADMIN");
|
return new InMemoryUserDetailsManager(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||||
// @formatter:off
|
|
||||||
http.csrf()
|
http.csrf()
|
||||||
.and()
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers("/userManagement").hasRole("ADMIN")
|
.antMatchers("/userManagement")
|
||||||
.anyRequest().permitAll().and().httpBasic();
|
.hasRole("ADMIN")
|
||||||
// @formatter:on
|
.anyRequest()
|
||||||
|
.permitAll()
|
||||||
|
.and()
|
||||||
|
.httpBasic();
|
||||||
|
return http.build();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public BCryptPasswordEncoder passwordEncoder() {
|
public BCryptPasswordEncoder passwordEncoder() {
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
|
|
Loading…
Reference in New Issue