JAVA-14882 Update spring-security-ldap under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12890)

spring-security-modules/spring-security-ldap/src/main/java/com/baeldung/config/SecurityConfig.java

@@ -1,39 +1,58 @@
 package com.baeldung.config;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory;
+import org.springframework.security.ldap.server.ApacheDSContainer;
+import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
+import org.springframework.security.web.SecurityFilterChain;
 
 /**
  * Security Configuration - LDAP and HTTP Authorizations.
  */
 @Configuration
 // @ImportResource({ "classpath:webSecurityConfig.xml" }) //=> uncomment to use equivalent xml config
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecurityConfig {
 
-    @Override
+    @Bean
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+    ApacheDSContainer ldapContainer() throws Exception {
-        auth.ldapAuthentication()
+        return new ApacheDSContainer("dc=baeldung,dc=com", "classpath:users.ldif");
-                .userSearchBase("ou=people")
-                .userSearchFilter("(uid={0})")
-                .groupSearchBase("ou=groups")
-                .groupSearchFilter("(member={0})")
-                .contextSource()
-                .root("dc=baeldung,dc=com")
-                .ldif("classpath:users.ldif");
     }
 
-    @Override
+    @Bean
-    protected void configure(HttpSecurity http) throws Exception {
+    LdapAuthoritiesPopulator authorities(BaseLdapPathContextSource contextSource) {
-        http
+        String groupSearchBase = "ou=groups";
-                .authorizeRequests()
+        DefaultLdapAuthoritiesPopulator authorities = new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
+        authorities.setGroupSearchFilter("(member={0})");
+        return authorities;
+    }
+
+    @Bean
+    AuthenticationManager authenticationManager(BaseLdapPathContextSource contextSource, LdapAuthoritiesPopulator authorities) {
+        LdapBindAuthenticationManagerFactory factory = new LdapBindAuthenticationManagerFactory(contextSource);
+        factory.setUserSearchBase("ou=people");
+        factory.setUserSearchFilter("(uid={0})");
+        return factory.createAuthenticationManager();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
             .antMatchers("/", "/home", "/css/**")
             .permitAll()
             .anyRequest()
             .authenticated()
-                .and().formLogin().loginPage("/login").permitAll()
+            .and()
-                .and().logout().logoutSuccessUrl("/");
+            .formLogin()
+            .loginPage("/login")
+            .permitAll()
+            .and()
+            .logout()
+            .logoutSuccessUrl("/");
+        return http.build();
     }
-
 }