JAVA-14890 Update spring-security-oauth2-sso module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter (#12913)

* JAVA-14890 Update spring-security-oauth2-sso module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter

* JAVA-14890 Commit remaining code

spring-security-modules/spring-security-oauth2-sso/spring-security-sso-kerberos/src/main/java/com/baeldung/intro/config/WebSecurityConfig.java

@@ -6,39 +6,47 @@ import org.springframework.core.io.FileSystemResource;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.kerberos.authentication.KerberosAuthenticationProvider;
 import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
 import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosClient;
 import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;
 import org.springframework.security.kerberos.web.authentication.SpnegoAuthenticationProcessingFilter;
 import org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
 import com.baeldung.intro.security.DummyUserDetailsService;
 
 @Configuration
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+public class WebSecurityConfig extends AbstractHttpConfigurer<WebSecurityConfig, HttpSecurity> {
 
-    @Override
+    public static WebSecurityConfig securityConfig() {
-    protected void configure(HttpSecurity http) throws Exception {
+        return new WebSecurityConfig();
-        http.authorizeRequests()
-          .anyRequest()
-          .authenticated()
-          .and()
-          .addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManagerBean()), BasicAuthenticationFilter.class);
     }
 
     @Override
+    public void configure(HttpSecurity http) throws Exception {
+        AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);
+        http.addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManager), BasicAuthenticationFilter.class);
+    }
+
     @Bean
-    public AuthenticationManager authenticationManagerBean() throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        return super.authenticationManagerBean();
+        http.authorizeRequests()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .apply(securityConfig());
+        return http.build();
     }
 
-    @Override
+    @Bean
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+    public AuthenticationManager authManager(HttpSecurity http) throws Exception {
-        auth.authenticationProvider(kerberosAuthenticationProvider())
+        return http.getSharedObject(AuthenticationManagerBuilder.class)
-          .authenticationProvider(kerberosServiceAuthenticationProvider());
+            .authenticationProvider(kerberosAuthenticationProvider())
+            .authenticationProvider(kerberosServiceAuthenticationProvider())
+            .build();
     }
 
     @Bean

spring-security-modules/spring-security-oauth2-sso/spring-security-sso-kerberos/src/main/java/kerberos/server/config/WebSecurityConfig.java

@@ -9,18 +9,19 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.kerberos.authentication.KerberosAuthenticationProvider;
 import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
 import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosClient;
 import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;
 import org.springframework.security.kerberos.web.authentication.SpnegoAuthenticationProcessingFilter;
 import org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity
-class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+class WebSecurityConfig extends AbstractHttpConfigurer<WebSecurityConfig, HttpSecurity> {
 
 	@Value("${app.service-principal}")
 	private String servicePrincipal;
@@ -28,32 +29,45 @@ class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 	@Value("${app.keytab-location}")
 	private String keytabLocation;
 
-	@Override
+    public static WebSecurityConfig securityConfig() {
-	protected void configure(HttpSecurity http) throws Exception {
+        return new WebSecurityConfig();
-		http.exceptionHandling()
+    }
-				.authenticationEntryPoint(spnegoEntryPoint())
-				.and()
-				.authorizeRequests().antMatchers("/", "/home").permitAll()
-				.anyRequest().authenticated()
-				.and()
-				.formLogin().loginPage("/login").permitAll()
-				.and()
-				.logout().permitAll()
-				.and()
-				.addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManagerBean()),
-						BasicAuthenticationFilter.class);
-	}
 
-	@Bean
+    @Override
-	public AuthenticationManager anAuthenticationManager() throws Exception {
+    public void configure(HttpSecurity http) throws Exception {
-		return authenticationManager();
+        AuthenticationManager authenticationManager = http.getSharedObject(AuthenticationManager.class);
-	}
+        http.addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManager), BasicAuthenticationFilter.class);
+    }
 
-	@Override
+    @Bean
-	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-		auth.authenticationProvider(kerberosAuthenticationProvider())
+        http.exceptionHandling()
-				.authenticationProvider(kerberosServiceAuthenticationProvider());
+            .authenticationEntryPoint(spnegoEntryPoint())
-	}
+            .and()
+            .authorizeRequests()
+            .antMatchers("/", "/home")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .formLogin()
+            .loginPage("/login")
+            .permitAll()
+            .and()
+            .logout()
+            .permitAll()
+            .and()
+            .apply(securityConfig());
+        return http.build();
+    }
+
+    @Bean
+    public AuthenticationManager authManager(HttpSecurity http) throws Exception {
+        return http.getSharedObject(AuthenticationManagerBuilder.class)
+            .authenticationProvider(kerberosAuthenticationProvider())
+            .authenticationProvider(kerberosServiceAuthenticationProvider())
+            .build();
+    }
 
 	@Bean
 	public KerberosAuthenticationProvider kerberosAuthenticationProvider() {