JAVA-14882 Update spring-security-ldap under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12890)

2022-10-19 23:51:29 +05:30 · 2022-10-19 23:51:29 +05:30 · afa8a9ed9e
commit afa8a9ed9e
parent 5bc5a0f717
1 changed files with 42 additions and 23 deletions
--- a/spring-security-modules/spring-security-ldap/src/main/java/com/baeldung/config/SecurityConfig.java
+++ b/spring-security-modules/spring-security-ldap/src/main/java/com/baeldung/config/SecurityConfig.java
@ -1,39 +1,58 @@
 package com.baeldung.config;

+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.ldap.core.support.BaseLdapPathContextSource;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory;
+import org.springframework.security.ldap.server.ApacheDSContainer;
+import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
+import org.springframework.security.web.SecurityFilterChain;

 /**
 * Security Configuration - LDAP and HTTP Authorizations.
 */
@Configuration
 // @ImportResource({ "classpath:webSecurityConfig.xml" }) //=> uncomment to use equivalent xml config
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecurityConfig {

-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.ldapAuthentication()
-                .userSearchBase("ou=people")
-                .userSearchFilter("(uid={0})")
-                .groupSearchBase("ou=groups")
-                .groupSearchFilter("(member={0})")
-                .contextSource()
-                .root("dc=baeldung,dc=com")
-                .ldif("classpath:users.ldif");
+    @Bean
+    ApacheDSContainer ldapContainer() throws Exception {
+        return new ApacheDSContainer("dc=baeldung,dc=com", "classpath:users.ldif");
    }

-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-                .authorizeRequests()
-                .antMatchers("/", "/home", "/css/**")
-                .permitAll()
-                .anyRequest()
-                .authenticated()
-                .and().formLogin().loginPage("/login").permitAll()
-                .and().logout().logoutSuccessUrl("/");
+    @Bean
+    LdapAuthoritiesPopulator authorities(BaseLdapPathContextSource contextSource) {
+        String groupSearchBase = "ou=groups";
+        DefaultLdapAuthoritiesPopulator authorities = new DefaultLdapAuthoritiesPopulator(contextSource, groupSearchBase);
+        authorities.setGroupSearchFilter("(member={0})");
+        return authorities;
    }

+    @Bean
+    AuthenticationManager authenticationManager(BaseLdapPathContextSource contextSource, LdapAuthoritiesPopulator authorities) {
+        LdapBindAuthenticationManagerFactory factory = new LdapBindAuthenticationManagerFactory(contextSource);
+        factory.setUserSearchBase("ou=people");
+        factory.setUserSearchFilter("(uid={0})");
+        return factory.createAuthenticationManager();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+            .antMatchers("/", "/home", "/css/**")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .formLogin()
+            .loginPage("/login")
+            .permitAll()
+            .and()
+            .logout()
+            .logoutSuccessUrl("/");
+        return http.build();
+    }
 }