From fe187e8f98f102e00e65a0640885124de75e1603 Mon Sep 17 00:00:00 2001
From: anuragkumawat <anuragkumawat7@gmail.com>
Date: Sun, 18 Sep 2022 10:28:39 +0530
Subject: [PATCH] =?UTF-8?q?=20JAVA-14666=20Update=20spring-session=20modul?=
 =?UTF-8?q?e=20under=20spring-web-modules=20to=20=E2=80=A6=20(#12717)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* JAVA-14666 Update spring-session module under spring-web-modules to remove usage of deprecated WebSecurityConfigurerAdapter

* JAVA-14666 Correct Java Formatting
---
 .../spring/session/SecurityConfig.java        | 36 ++++++++++++-------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/spring-web-modules/spring-session/spring-session-redis/src/main/java/com/baeldung/spring/session/SecurityConfig.java b/spring-web-modules/spring-session/spring-session-redis/src/main/java/com/baeldung/spring/session/SecurityConfig.java
index d9476d7704..d5add05025 100644
--- a/spring-web-modules/spring-session/spring-session-redis/src/main/java/com/baeldung/spring/session/SecurityConfig.java
+++ b/spring-web-modules/spring-session/spring-session-redis/src/main/java/com/baeldung/spring/session/SecurityConfig.java
@@ -1,27 +1,37 @@
 package com.baeldung.spring.session;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
+public class SecurityConfig {
     
-    @Autowired
-    public void configureGlobal(AuthenticationManagerBuilder auth, PasswordEncoder passwordEncoder) throws Exception {
-        auth.inMemoryAuthentication().withUser("admin").password(passwordEncoder.encode("password")).roles("ADMIN");
+    @Bean
+    public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) {
+        UserDetails user = User.withUsername("admin")
+            .password(passwordEncoder.encode("password"))
+            .roles("ADMIN")
+            .build();
+        return new InMemoryUserDetailsManager(user);
     }
-    
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.httpBasic().and().authorizeRequests().antMatchers("/").hasRole("ADMIN").anyRequest().authenticated();
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        http.httpBasic()
+            .and()
+            .authorizeRequests()
+            .antMatchers("/")
+            .hasRole("ADMIN")
+            .anyRequest()
+            .authenticated();
+        return http.build();
     }
-    
 }