Merge pull request #12745 from anuragkumawat/JAVA-14866
JAVA-14866 Update spring-security-core module under spring-security-modules to remove usage of deprecated WebSecurityConfigurerAdapter
This commit is contained in:
commit
ea73ba8eab
|
@ -1,32 +1,55 @@
|
|||
package com.baeldung.app.config;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
public class WebSecurityConfig {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests().antMatchers("/css/**", "/js/**", "/loggedout").permitAll().anyRequest().authenticated().and().httpBasic().and().logout().disable().csrf().disable();
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/css/**", "/js/**", "/loggedout")
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.httpBasic()
|
||||
.and()
|
||||
.logout()
|
||||
.disable()
|
||||
.csrf()
|
||||
.disable();
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth, PasswordEncoder passwordEncoder) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("jim").password(passwordEncoder.encode("jim")).roles("USER", "ACTUATOR")
|
||||
.and().withUser("pam").password(passwordEncoder.encode("pam")).roles("USER")
|
||||
.and().withUser("michael").password(passwordEncoder.encode("michael")).roles("MANAGER");
|
||||
}
|
||||
@Bean
|
||||
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||
UserDetails jim = User.withUsername("jim")
|
||||
.password(passwordEncoder.encode("jim"))
|
||||
.roles("USER", "ACTUATOR")
|
||||
.build();
|
||||
|
||||
UserDetails pam = User.withUsername("pam")
|
||||
.password(passwordEncoder.encode("pam"))
|
||||
.roles("USER")
|
||||
.build();
|
||||
|
||||
UserDetails michael = User.withUsername("michael")
|
||||
.password(passwordEncoder.encode("michael"))
|
||||
.roles("MANAGER")
|
||||
.build();
|
||||
|
||||
return new InMemoryUserDetailsManager(jim, pam, michael);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,12 +3,14 @@ package com.baeldung.filterresponse.config;
|
|||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
|
@ -16,23 +18,33 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|||
@EnableWebMvc
|
||||
@EnableWebSecurity
|
||||
@ComponentScan("com.baeldung.filterresponse")
|
||||
public class AppConfig extends WebSecurityConfigurerAdapter implements WebMvcConfigurer {
|
||||
public class AppConfig implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication()
|
||||
.withUser("user").password(passwordEncoder().encode("userPass")).roles("USER")
|
||||
.and()
|
||||
.withUser("admin").password(passwordEncoder().encode("adminPass")).roles("ADMIN");
|
||||
@Bean
|
||||
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
|
||||
UserDetails user = User.withUsername("user")
|
||||
.password(passwordEncoder.encode("userPass"))
|
||||
.roles("USER")
|
||||
.build();
|
||||
|
||||
UserDetails admin = User.withUsername("admin")
|
||||
.password(passwordEncoder.encode("adminPass"))
|
||||
.roles("ADMIN")
|
||||
.build();
|
||||
|
||||
return new InMemoryUserDetailsManager(user, admin);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(final HttpSecurity http) throws Exception {
|
||||
http
|
||||
.csrf().disable()
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and().httpBasic();
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
http.csrf()
|
||||
.disable()
|
||||
.authorizeRequests()
|
||||
.anyRequest()
|
||||
.authenticated()
|
||||
.and()
|
||||
.httpBasic();
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
@ -40,8 +52,6 @@ public class AppConfig extends WebSecurityConfigurerAdapter implements WebMvcCon
|
|||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
|
||||
|
||||
public enum Role {
|
||||
ROLE_USER,
|
||||
ROLE_ADMIN
|
||||
|
|
Loading…
Reference in New Issue