JAVA-14894 Update spring-security-web-react module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12916)

2022-10-29 13:39:24 +05:30 · 2022-10-29 13:39:24 +05:30 · 84dd60e287
parent e506e68202
commit 84dd60e287
1 changed files with 48 additions and 40 deletions
--- a/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java
+++ b/spring-security-modules/spring-security-web-react/src/main/java/com/baeldung/spring/SecSecurityConfig.java
@ -1,57 +1,65 @@
 package com.baeldung.spring;

+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@Configuration
@EnableWebSecurity
@Profile("!https")
-public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecSecurityConfig {

-    public SecSecurityConfig() {
-        super();
+    @Bean
+    public InMemoryUserDetailsManager userDetailsService() throws Exception {
+        UserDetails user1 = User.withUsername("user1")
+            .password("{noop}user1Pass")
+            .roles("USER")
+            .build();
+
+        UserDetails user2 = User.withUsername("user2")
+            .password("{noop}user2Pass")
+            .roles("USER")
+            .build();
+
+        UserDetails admin = User.withUsername("admin")
+            .password("{noop}admin0Pass")
+            .roles("ADMIN")
+            .build();
+        return new InMemoryUserDetailsManager(user1, user2, admin);
    }

-    @Override
-    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
-        // @formatter:off
-        auth.inMemoryAuthentication()
-        .withUser("user1").password("{noop}user1Pass").roles("USER")
-        .and()
-        .withUser("user2").password("{noop}user2Pass").roles("USER")
-        .and()
-        .withUser("admin").password("{noop}admin0Pass").roles("ADMIN");
-        // @formatter:on
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.csrf()
+            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+            .and()
+            .authorizeRequests()
+            .antMatchers("/admin/**")
+            .hasRole("ADMIN")
+            .antMatchers("/anonymous*")
+            .anonymous()
+            .antMatchers(HttpMethod.GET, "/index*", "/static/**", "/*.js", "/*.json", "/*.ico", "/rest")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .formLogin()
+            .loginPage("/index.html")
+            .loginProcessingUrl("/perform_login")
+            .defaultSuccessUrl("/homepage.html", true)
+            .failureUrl("/index.html?error=true")
+            .and()
+            .logout()
+            .logoutUrl("/perform_logout")
+            .deleteCookies("JSESSIONID");
+        return http.build();
    }
-
-    @Override
-    protected void configure(final HttpSecurity http) throws Exception {
-        // @formatter:off
-        http
-        .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
-        .authorizeRequests()
-        .antMatchers("/admin/**").hasRole("ADMIN")
-        .antMatchers("/anonymous*").anonymous()
-        .antMatchers(HttpMethod.GET, "/index*", "/static/**", "/*.js", "/*.json", "/*.ico", "/rest").permitAll()
-        .anyRequest().authenticated()
-        .and()
-        .formLogin()
-        .loginPage("/index.html")
-        .loginProcessingUrl("/perform_login")
-        .defaultSuccessUrl("/homepage.html",true)
-        .failureUrl("/index.html?error=true")
-        .and()
-        .logout()
-        .logoutUrl("/perform_logout")
-        .deleteCookies("JSESSIONID");
-        // @formatter:on
-    }
-
-
 }