JAVA-14676 Update spring-boot-security module under spring-boot-modules to remove usage of deprecated WebSecurityConfigurerAdapter

This commit is contained in:
anuragkumawat 2022-09-17 20:38:19 +05:30
parent 171e4bd7c8
commit 2901f17a2e
5 changed files with 92 additions and 77 deletions

View File

@ -2,16 +2,13 @@ package com.baeldung.annotations.globalmethod;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class AnnotationSecuredStaticResourceConfig extends WebSecurityConfigurerAdapter { public class AnnotationSecuredStaticResourceConfig {
@Bean @Bean
public WebSecurityCustomizer ignoreResources() { public WebSecurityCustomizer ignoreResources() {

View File

@ -1,29 +1,29 @@
package com.baeldung.annotations.websecurity; package com.baeldung.annotations.websecurity;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter { public class CustomWebSecurityConfig {
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http.authorizeRequests()
.authorizeRequests() .antMatchers("/admin/**")
.antMatchers("/admin/**") .hasRole("ADMIN")
.hasRole("ADMIN") .antMatchers("/protected/**")
.antMatchers("/protected/**") .hasRole("USER");
.hasRole("USER"); return http.build();
} }
@Override @Bean
public void configure(WebSecurity web) throws Exception { public WebSecurityCustomizer webSecurityCustomizer() {
web return (web) -> web.ignoring()
.ignoring() .antMatchers("/public/*");
.antMatchers("/public/*");
} }
} }

View File

@ -2,28 +2,29 @@ package com.baeldung.integrationtesting;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { public class WebSecurityConfigurer {
@Override @Bean
protected void configure(AuthenticationManagerBuilder auth) throws Exception { public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
UserDetails user = User.withUsername("spring")
BCryptPasswordEncoder encoder = passwordEncoder(); .password(passwordEncoder.encode("secret"))
.roles("USER")
auth.inMemoryAuthentication() .build();
.passwordEncoder(encoder)
.withUser("spring") return new InMemoryUserDetailsManager(user);
.password(encoder.encode("secret"))
.roles("USER");
} }
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests() http.authorizeRequests()
.antMatchers("/private/**") .antMatchers("/private/**")
.hasRole("USER") .hasRole("USER")
@ -31,6 +32,7 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
.permitAll() .permitAll()
.and() .and()
.httpBasic(); .httpBasic();
return http.build();
} }
@Bean @Bean

View File

@ -1,38 +1,48 @@
package com.baeldung.springbootsecurity.autoconfig.config; package com.baeldung.springbootsecurity.autoconfig.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class BasicConfiguration extends WebSecurityConfigurerAdapter { public class BasicConfiguration {
@Override @Bean
protected void configure(AuthenticationManagerBuilder auth) throws Exception { public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder(); UserDetails user = User.withUsername("user")
auth .password(passwordEncoder.encode("password"))
.inMemoryAuthentication() .roles("USER")
.withUser("user") .build();
.password(encoder.encode("password"))
.roles("USER") UserDetails admin = User.withUsername("admin")
.and() .password(passwordEncoder.encode("admin"))
.withUser("admin") .roles("USER", "ADMIN")
.password(encoder.encode("admin")) .build();
.roles("USER", "ADMIN");
return new InMemoryUserDetailsManager(user, admin);
} }
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http.authorizeRequests()
.authorizeRequests() .anyRequest()
.anyRequest() .authenticated()
.authenticated() .and()
.and() .httpBasic();
.httpBasic(); return http.build();
}
@Bean
public PasswordEncoder passwordEncoder() {
PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
return encoder;
} }
} }

View File

@ -2,37 +2,43 @@ package com.baeldung.springsecuritytaglibs.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class SpringBootSecurityTagLibsConfig extends WebSecurityConfigurerAdapter { public class SpringBootSecurityTagLibsConfig {
@Override @Bean
protected void configure(AuthenticationManagerBuilder auth) throws Exception { public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
BCryptPasswordEncoder encoder = passwordEncoder(); UserDetails user = User.withUsername("testUser")
auth.inMemoryAuthentication() .password(passwordEncoder.encode("password"))
.passwordEncoder(encoder) .roles("ADMIN")
.withUser("testUser") .build();
.password(encoder.encode("password"))
.roles("ADMIN"); return new InMemoryUserDetailsManager(user);
} }
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// @formatter:off
http.csrf() http.csrf()
.and() .and()
.authorizeRequests() .authorizeRequests()
.antMatchers("/userManagement").hasRole("ADMIN") .antMatchers("/userManagement")
.anyRequest().permitAll().and().httpBasic(); .hasRole("ADMIN")
// @formatter:on .anyRequest()
.permitAll()
.and()
.httpBasic();
return http.build();
} }
@Bean @Bean
public BCryptPasswordEncoder passwordEncoder() { public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();