JAVA-29330: Migrate spring-security-web-rest-custom to parent-boot-3. (#15932)

spring-security-modules/spring-security-web-rest-custom/pom.xml

@@ -10,8 +10,9 @@
 
     <parent>
         <groupId>com.baeldung</groupId>
-        <artifactId>spring-security-modules</artifactId>
+        <artifactId>parent-boot-3</artifactId>
         <version>0.0.1-SNAPSHOT</version>
+        <relativePath>../../parent-boot-3</relativePath>
     </parent>
 
     <dependencies>
@@ -26,11 +27,11 @@
         </dependency>
         <dependency>
             <groupId>org.thymeleaf.extras</groupId>
-            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+            <artifactId>thymeleaf-extras-springsecurity6</artifactId>
         </dependency>
         <dependency>
             <groupId>org.thymeleaf</groupId>
-            <artifactId>thymeleaf-spring5</artifactId>
+            <artifactId>thymeleaf-spring6</artifactId>
         </dependency>
         <!-- Spring -->
         <dependency>
@@ -85,23 +86,24 @@
         </dependency>
         <!-- web -->
         <dependency>
-            <groupId>javax.servlet</groupId>
+            <groupId>jakarta.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
+            <artifactId>jakarta.servlet-api</artifactId>
             <scope>provided</scope>
         </dependency>
         <dependency>
-            <groupId>javax.servlet</groupId>
+            <groupId>jakarta.servlet.jsp.jstl</groupId>
-            <artifactId>jstl</artifactId>
+            <artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
             <scope>runtime</scope>
         </dependency>
+
         <!-- http -->
         <dependency>
-            <groupId>org.apache.httpcomponents</groupId>
+            <groupId>org.apache.httpcomponents.core5</groupId>
-            <artifactId>httpcore</artifactId>
+            <artifactId>httpcore5</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.apache.httpcomponents</groupId>
+            <groupId>org.apache.httpcomponents.client5</groupId>
-            <artifactId>httpclient</artifactId>
+            <artifactId>httpclient5</artifactId>
         </dependency>
         <!-- util -->
         <dependency>

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/config/MainWebAppInitializer.java

@@ -2,36 +2,28 @@ package com.baeldung.config;
 
 import java.util.Set;
 
-import javax.servlet.FilterRegistration.Dynamic;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRegistration;
-
 import org.springframework.web.WebApplicationInitializer;
 import org.springframework.web.context.ContextLoaderListener;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
 import org.springframework.web.filter.DelegatingFilterProxy;
 import org.springframework.web.servlet.DispatcherServlet;
 
+import jakarta.servlet.FilterRegistration.Dynamic;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.ServletRegistration;
+
 public class MainWebAppInitializer implements WebApplicationInitializer {
 
     public MainWebAppInitializer() {
         super();
     }
 
-    //
-
-    /**
-     * Register and configure all Servlet container components necessary to power the web application.
-     */
     @Override
-    public void onStartup(final ServletContext sc) throws ServletException {
+    public void onStartup(final ServletContext sc) {
         System.out.println("MyWebAppInitializer.onStartup()");
 
-        // Create the 'root' Spring application context
         final AnnotationConfigWebApplicationContext root = new AnnotationConfigWebApplicationContext();
         root.scan("com.baeldung.config.parent");
-        // root.getEnvironment().setDefaultProfiles("embedded");
 
         // Manages the lifecycle of the root application context
         sc.addListener(new ContextLoaderListener(root));

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/config/child/MethodSecurityConfig.java

@@ -8,15 +8,14 @@ import org.springframework.security.access.intercept.RunAsManager;
 import org.springframework.security.access.intercept.RunAsManagerImpl;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
-import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
 
 
 @Configuration
-@EnableGlobalMethodSecurity(securedEnabled = true)
+@EnableMethodSecurity(securedEnabled = true)
-public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
+public class MethodSecurityConfig {
 
-    @Override
+    @Bean
     protected RunAsManager runAsManager() {
         RunAsManagerImpl runAsManager = new RunAsManagerImpl();
         runAsManager.setKey("MyRunAsKey");
@@ -24,7 +23,7 @@ public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
     }
 
     @Autowired
-    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+    public void configureGlobal(AuthenticationManagerBuilder auth) {
         auth.authenticationProvider(runAsAuthenticationProvider());
     }
 

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/config/child/WebConfig.java

@@ -2,7 +2,6 @@ package com.baeldung.config.child;
 
 import java.util.List;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
@@ -13,37 +12,31 @@ import org.springframework.http.converter.json.MappingJackson2HttpMessageConvert
 import org.springframework.web.servlet.ViewResolver;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-import org.thymeleaf.extras.springsecurity5.dialect.SpringSecurityDialect;
+import org.thymeleaf.extras.springsecurity6.dialect.SpringSecurityDialect;
-import org.thymeleaf.spring5.ISpringTemplateEngine;
+import org.thymeleaf.spring6.ISpringTemplateEngine;
-import org.thymeleaf.spring5.SpringTemplateEngine;
+import org.thymeleaf.spring6.SpringTemplateEngine;
-import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
+import org.thymeleaf.spring6.templateresolver.SpringResourceTemplateResolver;
-import org.thymeleaf.spring5.view.ThymeleafViewResolver;
+import org.thymeleaf.spring6.view.ThymeleafViewResolver;
 import org.thymeleaf.templatemode.TemplateMode;
 import org.thymeleaf.templateresolver.ITemplateResolver;
 
 @Configuration
 @EnableWebMvc
 @ComponentScan("com.baeldung.web")
-//@ImportResource({ "classpath:prop.xml" })    
-//@PropertySource("classpath:foo.properties")
 public class WebConfig implements WebMvcConfigurer {
 
-    @Autowired
+    private final ApplicationContext applicationContext;
-    private ApplicationContext applicationContext;
 
-    public WebConfig() {
+    public WebConfig(ApplicationContext applicationContext) {
         super();
+        this.applicationContext = applicationContext;
     }
 
-    // beans
-
     @Override
     public void configureMessageConverters(final List<HttpMessageConverter<?>> converters) {
         converters.add(new MappingJackson2HttpMessageConverter());
     }
 
-    // beans
-
     @Bean
     public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
         final PropertySourcesPlaceholderConfigurer ppc = new PropertySourcesPlaceholderConfigurer();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/config/parent/SecurityConfig.java

@@ -1,10 +1,10 @@
 package com.baeldung.config.parent;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -18,8 +18,11 @@ import com.baeldung.security.CustomAuthenticationProvider;
 @ComponentScan("com.baeldung.security")
 public class SecurityConfig {
 
-    @Autowired
+    private final CustomAuthenticationProvider authProvider;
-    private CustomAuthenticationProvider authProvider;
+
+    public SecurityConfig(CustomAuthenticationProvider authProvider) {
+        this.authProvider = authProvider;
+    }
 
     @Bean
     public AuthenticationManager authManager(HttpSecurity http) throws Exception {
@@ -30,12 +33,9 @@ public class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
+        return http.authorizeHttpRequests(request -> request.anyRequest()
-            .anyRequest()
+                .authenticated())
-            .authenticated()
+            .httpBasic(Customizer.withDefaults())
-            .and()
+            .build();
-            .httpBasic();
-        return http.build();
     }
-
 }

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/config/parent/ServiceConfig.java

@@ -12,12 +12,6 @@ import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
 @PropertySource("classpath:foo.properties")
 public class ServiceConfig {
 
-    public ServiceConfig() {
-        super();
-    }
-
-    // beans
-
     @Bean
     public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
         final PropertySourcesPlaceholderConfigurer ppc = new PropertySourcesPlaceholderConfigurer();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/security/AuthenticationFacade.java

@@ -11,8 +11,6 @@ public class AuthenticationFacade implements IAuthenticationFacade {
         super();
     }
 
-    // API
-
     @Override
     public final Authentication getAuthentication() {
         return SecurityContextHolder.getContext().getAuthentication();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/security/CustomAuthenticationProvider.java

@@ -20,21 +20,21 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
         super();
     }
 
-    // API
-
     @Override
     public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
         final String name = authentication.getName();
         final String password = authentication.getCredentials().toString();
-        if (name.equals("admin") && password.equals("system")) {
+        if (!"admin".equals(name) || !"system".equals(password)) {
-            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
-            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
-            final UserDetails principal = new User(name, password, grantedAuths);
-            final Authentication auth = new UsernamePasswordAuthenticationToken(principal, password, grantedAuths);
-            return auth;
-        } else {
             return null;
         }
+        return authenticateAgainstThirdPartyAndGetAuthentication(name, password);
+    }
+
+    private static UsernamePasswordAuthenticationToken authenticateAgainstThirdPartyAndGetAuthentication(String name, String password) {
+        final List<GrantedAuthority> grantedAuths = new ArrayList<>();
+        grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
+        final UserDetails principal = new User(name, password, grantedAuths);
+        return new UsernamePasswordAuthenticationToken(principal, password, grantedAuths);
     }
 
     @Override

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/security/MySavedRequestAwareAuthenticationSuccessHandler.java

@@ -2,10 +2,6 @@ package com.baeldung.security;
 
 import java.io.IOException;
 
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
@@ -13,6 +9,10 @@ import org.springframework.security.web.savedrequest.RequestCache;
 import org.springframework.security.web.savedrequest.SavedRequest;
 import org.springframework.util.StringUtils;
 
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
 public class MySavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
 
     private RequestCache requestCache = new HttpSessionRequestCache();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/security/RestAuthenticationEntryPoint.java

@@ -2,13 +2,13 @@ package com.baeldung.security;
 
 import java.io.IOException;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
 
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
 /**
  * The Entry Point will not redirect to any sort of Login - it will return the 401
  */

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/service/FooService.java

@@ -1,27 +1,25 @@
 package com.baeldung.service;
 
-import com.baeldung.web.dto.Foo;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
 
+import com.baeldung.web.dto.Foo;
+
 @Service
 public class FooService implements IFooService, InitializingBean {
 
     @Value("${foo1}")
     private String foo1;
 
-    @Autowired
+    private final Environment env;
-    private Environment env;
 
-    public FooService() {
+    public FooService(Environment env) {
         super();
+        this.env = env;
     }
 
-    // API
-
     @Override
     public Foo findOne(final Long id) {
         return new Foo();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/service/RunAsService.java

@@ -10,8 +10,7 @@ public class RunAsService {
 
     @Secured({ "ROLE_RUN_AS_REPORTER" })
     public Authentication getCurrentUser() {
-        Authentication authentication = 
+        return SecurityContextHolder.getContext()
-                SecurityContextHolder.getContext().getAuthentication();
+            .getAuthentication();
-        return authentication;
     }
 }

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/FooController.java

@@ -1,39 +1,34 @@
 package com.baeldung.web.controller;
 
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.env.Environment;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
 import com.baeldung.service.IFooService;
 import com.baeldung.web.dto.Foo;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.core.env.Environment;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+@RestController
 @RequestMapping(value = "/foos")
 public class FooController implements InitializingBean {
 
     @Value("${foo1}")
     private String foo1;
 
-    @Autowired
+    private final Environment env;
-    private Environment env;
+    private final IFooService service;
 
-    @Autowired
+    public FooController(Environment env, IFooService service) {
-    private IFooService service;
-
-    public FooController() {
         super();
+        this.env = env;
+        this.service = service;
     }
 
-    // API
+    @GetMapping(value = "/{id}")
-
+    public Foo findOne(@PathVariable(name = "id") final Long id) {
-    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
-    @ResponseBody
-    public Foo findOne(@PathVariable("id") final Long id) {
         return service.findOne(id);
     }
 

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/GetUserWithAuthenticationController.java

@@ -2,22 +2,17 @@ package com.baeldung.web.controller;
 
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+@RestController
 public class GetUserWithAuthenticationController {
 
     public GetUserWithAuthenticationController() {
         super();
     }
 
-    // API
+    @GetMapping(value = "/username3")
-
-    @RequestMapping(value = "/username3", method = RequestMethod.GET)
-    @ResponseBody
     public String currentUserNameSimple(final Authentication authentication) {
         UserDetails userDetails = (UserDetails) authentication.getPrincipal();
         System.out.println("Retrieved user with authorities: " + userDetails.getAuthorities());

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/GetUserWithCustomInterfaceController.java

@@ -1,27 +1,22 @@
 package com.baeldung.web.controller;
 
-import com.baeldung.security.IAuthenticationFacade;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
-import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+import com.baeldung.security.IAuthenticationFacade;
+
+@RestController
 public class GetUserWithCustomInterfaceController {
 
-    @Autowired
+    private final IAuthenticationFacade authenticationFacade;
-    private IAuthenticationFacade authenticationFacade;
 
-    public GetUserWithCustomInterfaceController() {
+    public GetUserWithCustomInterfaceController(IAuthenticationFacade authenticationFacade) {
         super();
+        this.authenticationFacade = authenticationFacade;
     }
 
-    // API
+    @GetMapping(value = "/username5")
-
-    @RequestMapping(value = "/username5", method = RequestMethod.GET)
-    @ResponseBody
     public String currentUserNameSimple() {
         final Authentication authentication = authenticationFacade.getAuthentication();
         return authentication.getName();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/GetUserWithHTTPServletRequestController.java

@@ -2,24 +2,19 @@ package com.baeldung.web.controller;
 
 import java.security.Principal;
 
-import javax.servlet.http.HttpServletRequest;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
 
-import org.springframework.stereotype.Controller;
+import jakarta.servlet.http.HttpServletRequest;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+@RestController
 public class GetUserWithHTTPServletRequestController {
 
     public GetUserWithHTTPServletRequestController() {
         super();
     }
 
-    // API
+    @GetMapping(value = "/username4")
-
-    @RequestMapping(value = "/username4", method = RequestMethod.GET)
-    @ResponseBody
     public String currentUserNameSimple(final HttpServletRequest request) {
         final Principal principal = request.getUserPrincipal();
         return principal.getName();

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/GetUserWithPrincipalController.java

@@ -2,22 +2,17 @@ package com.baeldung.web.controller;
 
 import java.security.Principal;
 
-import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+@RestController
 public class GetUserWithPrincipalController {
 
     public GetUserWithPrincipalController() {
         super();
     }
 
-    // API
+    @GetMapping(value = "/username2")
-
-    @RequestMapping(value = "/username2", method = RequestMethod.GET)
-    @ResponseBody
     public String currentUserName(final Principal principal) {
         return principal.getName();
     }

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/GetUserWithSecurityContextHolderController.java

@@ -1,29 +1,15 @@
 package com.baeldung.web.controller;
 
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
 
-@Controller
+@RestController
 public class GetUserWithSecurityContextHolderController {
 
-    @Autowired
+    @GetMapping(value = "/username1")
-    private ApplicationEventPublisher eventPublisher;
-
-    public GetUserWithSecurityContextHolderController() {
-        super();
-    }
-
-    // API
-
-    @RequestMapping(value = "/username1", method = RequestMethod.GET)
-    @ResponseBody
     public String currentUserName() {
         final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         if (!(authentication instanceof AnonymousAuthenticationToken)) {

spring-security-modules/spring-security-web-rest-custom/src/main/java/com/baeldung/web/controller/RunAsController.java

@@ -3,18 +3,15 @@ package com.baeldung.web.controller;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
 
-
+@RestController
-@Controller
 @RequestMapping("/runas")
 public class RunAsController {
 
     @Secured({ "ROLE_USER", "RUN_AS_REPORTER" })
     @RequestMapping
-    @ResponseBody
     public String tryRunAs() {
         Authentication auth = SecurityContextHolder.getContext().getAuthentication();
         return "Current User Authorities inside this RunAS method only " + 

spring-security-modules/spring-security-web-rest-custom/src/main/webapp/WEB-INF/templates/runas.html

@@ -1,6 +1,5 @@
 <!DOCTYPE html>
-<html xmlns:th="https://www.thymeleaf.org"
+<html xmlns:sec="https://www.thymeleaf.org">
-	xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
 <body>
 	Current user authorities:
 	<span sec:authentication="principal.authorities">user</span>
@@ -9,7 +8,7 @@
 	<a href="#" onclick="tryRunAs()">Generate Report As Super User</a>
 
 	<script
-		src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
+		src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
 	<script type="text/javascript">
 	
 		function tryRunAs(){