diff --git a/spring-boot-project/spring-boot-autoconfigure/pom.xml b/spring-boot-project/spring-boot-autoconfigure/pom.xml
index a22911a996..e13e5240cb 100755
--- a/spring-boot-project/spring-boot-autoconfigure/pom.xml
+++ b/spring-boot-project/spring-boot-autoconfigure/pom.xml
@@ -523,11 +523,6 @@
spring-security-data
true
-
- org.springframework.security
- spring-security-webflux
- true
-
org.springframework.security
spring-security-jwt-jose
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java
index da2dbee873..8770cebaf8 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java
@@ -27,7 +27,7 @@ import org.springframework.context.annotation.Import;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
-import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
/**
@@ -42,7 +42,7 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
*/
@Configuration
@ConditionalOnClass({ AuthenticationManager.class,
- GlobalAuthenticationConfigurerAdapter.class })
+ EnableWebSecurity.class })
@EnableConfigurationProperties(SecurityProperties.class)
@Import({ SpringBootWebSecurityConfiguration.class, WebSecurityEnablerConfiguration.class,
AuthenticationManagerConfiguration.class, SecurityDataConfiguration.class })
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java
index 5e0a542e93..6cb509558b 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java
@@ -16,14 +16,12 @@
package org.springframework.boot.autoconfigure.security;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication.Type;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
@@ -36,7 +34,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
* @author Madhura Bhave
* @since 2.0.0
*/
-@ConditionalOnClass(EnableWebSecurity.class)
@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
@ConditionalOnWebApplication(type = Type.SERVLET)
public class SpringBootWebSecurityConfiguration {
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/WebSecurityEnablerConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/WebSecurityEnablerConfiguration.java
index eeda91c3f0..d9766f1b8e 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/WebSecurityEnablerConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/WebSecurityEnablerConfiguration.java
@@ -17,7 +17,6 @@
package org.springframework.boot.autoconfigure.security;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -34,7 +33,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
* @since 2.0.0
*/
@ConditionalOnBean(WebSecurityConfigurerAdapter.class)
-@ConditionalOnClass(EnableWebSecurity.class)
@ConditionalOnMissingBean(WebSecurityConfiguration.class)
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
@EnableWebSecurity
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
index 6856672a4f..ce1dbde4c9 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
@@ -76,7 +76,7 @@ final class OAuth2ClientPropertiesRegistrationAdapter {
throw new IllegalStateException(getErrorMessage(configuredProviderId, registrationId));
}
Builder builder = (provider != null ? provider.getBuilder(registrationId)
- : new Builder(registrationId));
+ : ClientRegistration.withRegistrationId(registrationId));
if (providers.containsKey(providerId)) {
return getBuilder(builder, providers.get(providerId));
}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java
index a5bc751899..bc05c17f7d 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveAuthenticationManagerConfiguration.java
@@ -27,15 +27,15 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplicat
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.core.userdetails.MapUserDetailsRepository;
+import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
+import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsRepository;
/**
* Default user {@link Configuration} for a reactive web application. Configures a
- * {@link UserDetailsRepository} with a default user and generated password. This
- * backs-off completely if there is a bean of type {@link UserDetailsRepository} or
+ * {@link ReactiveUserDetailsService} with a default user and generated password. This
+ * backs-off completely if there is a bean of type {@link ReactiveUserDetailsService} or
* {@link ReactiveAuthenticationManager}.
*
* @author Madhura Bhave
@@ -44,7 +44,7 @@ import org.springframework.security.core.userdetails.UserDetailsRepository;
@Configuration
@ConditionalOnClass({ ReactiveAuthenticationManager.class })
@ConditionalOnMissingBean({ ReactiveAuthenticationManager.class,
- UserDetailsRepository.class })
+ ReactiveUserDetailsService.class })
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
public class ReactiveAuthenticationManagerConfiguration {
@@ -52,11 +52,11 @@ public class ReactiveAuthenticationManagerConfiguration {
.getLog(ReactiveAuthenticationManagerConfiguration.class);
@Bean
- public MapUserDetailsRepository userDetailsRepository() {
+ public MapReactiveUserDetailsService reactiveUserDetailsService() {
String password = UUID.randomUUID().toString();
logger.info(String.format("%n%nUsing default security password: %s%n", password));
UserDetails user = User.withUsername("user").password(password).roles().build();
- return new MapUserDetailsRepository(user);
+ return new MapReactiveUserDetailsService(user);
}
}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/jpa/JpaUserDetailsTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/jpa/JpaUserDetailsTests.java
index ce30f0327b..66e42c0f11 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/jpa/JpaUserDetailsTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/jpa/JpaUserDetailsTests.java
@@ -25,9 +25,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.jdbc.EmbeddedDataSourceConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
-import org.springframework.boot.autoconfigure.security.user.SecurityConfig;
import org.springframework.boot.test.context.SpringBootContextLoader;
-import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Import;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
@@ -57,7 +55,6 @@ public class JpaUserDetailsTests {
@Import({ EmbeddedDataSourceConfiguration.class, DataSourceAutoConfiguration.class,
HibernateJpaAutoConfiguration.class,
PropertyPlaceholderAutoConfiguration.class, SecurityAutoConfiguration.class })
- @ComponentScan(basePackageClasses = SecurityConfig.class)
public static class Main {
}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
index 3874231f71..384d2d1309 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
@@ -78,7 +78,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
assertThat(adapted.getAuthorizationGrantType()).isEqualTo(
org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
assertThat(adapted.getRedirectUri()).isEqualTo("http://example.com/redirect");
- assertThat(adapted.getScope()).containsExactly("scope");
+ assertThat(adapted.getScopes()).containsExactly("scope");
assertThat(adapted.getClientName()).isEqualTo("clientName");
}
@@ -112,7 +112,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
assertThat(adapted.getRedirectUri()).isEqualTo(
"{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}");
- assertThat(adapted.getScope()).containsExactly("openid", "profile", "email",
+ assertThat(adapted.getScopes()).containsExactly("openid", "profile", "email",
"address", "phone");
assertThat(adapted.getClientName()).isEqualTo("Google");
}
@@ -151,7 +151,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
assertThat(adapted.getAuthorizationGrantType()).isEqualTo(
org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
assertThat(adapted.getRedirectUri()).isEqualTo("http://example.com/redirect");
- assertThat(adapted.getScope()).containsExactly("scope");
+ assertThat(adapted.getScopes()).containsExactly("scope");
assertThat(adapted.getClientName()).isEqualTo("clientName");
}
@@ -196,7 +196,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
assertThat(adapted.getRedirectUri()).isEqualTo(
"{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}");
- assertThat(adapted.getScope()).containsExactly("openid", "profile", "email",
+ assertThat(adapted.getScopes()).containsExactly("openid", "profile", "email",
"address", "phone");
assertThat(adapted.getClientName()).isEqualTo("Google");
}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2WebSecurityConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2WebSecurityConfigurationTests.java
index 98eaa2a1d9..d377002a3d 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2WebSecurityConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2WebSecurityConfigurationTests.java
@@ -36,7 +36,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter;
-import org.springframework.security.oauth2.client.web.AuthorizationCodeRequestRedirectFilter;
+import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
@@ -97,7 +97,7 @@ public class OAuth2WebSecurityConfigurationTests {
.getField(filterChains.get(0), "filters");
List oauth2Filters = filters.stream()
.filter((f) -> f instanceof AuthorizationCodeAuthenticationFilter
- || f instanceof AuthorizationCodeRequestRedirectFilter)
+ || f instanceof AuthorizationRequestRedirectFilter)
.collect(Collectors.toList());
return oauth2Filters.stream()
.filter((f) -> f instanceof AuthorizationCodeAuthenticationFilter)
@@ -111,7 +111,7 @@ public class OAuth2WebSecurityConfigurationTests {
&& ObjectUtils.nullSafeEquals(reg1.getClientName(), reg2.getClientName());
result = result && ObjectUtils.nullSafeEquals(reg1.getClientSecret(),
reg2.getClientSecret());
- result = result && ObjectUtils.nullSafeEquals(reg1.getScope(), reg2.getScope());
+ result = result && ObjectUtils.nullSafeEquals(reg1.getScopes(), reg2.getScopes());
result = result && ObjectUtils.nullSafeEquals(reg1.getRedirectUri(),
reg2.getRedirectUri());
result = result && ObjectUtils.nullSafeEquals(reg1.getRegistrationId(),
@@ -154,7 +154,7 @@ public class OAuth2WebSecurityConfigurationTests {
}
private ClientRegistration getClientRegistration(String id, String userInfoUri) {
- ClientRegistration.Builder builder = new ClientRegistration.Builder(id);
+ ClientRegistration.Builder builder = ClientRegistration.withRegistrationId(id);
builder.clientName("foo").clientId("foo")
.clientAuthenticationMethod(
org.springframework.security.oauth2.core.ClientAuthenticationMethod.BASIC)
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java
index 0240eab8c5..9753e590cb 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java
@@ -29,14 +29,14 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.server.reactive.HttpHandler;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.config.annotation.web.reactive.HttpSecurityConfiguration;
+import org.springframework.security.config.annotation.web.reactive.ServerHttpSecurityConfiguration;
import org.springframework.security.config.annotation.web.reactive.WebFluxSecurityConfiguration;
import org.springframework.security.core.Authentication;
-import org.springframework.security.core.userdetails.MapUserDetailsRepository;
+import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
+import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsRepository;
-import org.springframework.security.web.server.WebFilterChainFilter;
+import org.springframework.security.web.server.WebFilterChainProxy;
import org.springframework.web.reactive.config.EnableWebFlux;
import org.springframework.web.server.adapter.WebHttpHandlerBuilder;
@@ -58,11 +58,11 @@ public class ReactiveSecurityAutoConfigurationTests {
.withConfiguration(
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
.run((context) -> {
- assertThat(context).getBean(HttpSecurityConfiguration.class)
+ assertThat(context).getBean(ServerHttpSecurityConfiguration.class)
.isNotNull();
assertThat(context).getBean(WebFluxSecurityConfiguration.class)
.isNotNull();
- assertThat(context).getBean(WebFilterChainFilter.class).isNotNull();
+ assertThat(context).getBean(WebFilterChainProxy.class).isNotNull();
});
}
@@ -72,9 +72,9 @@ public class ReactiveSecurityAutoConfigurationTests {
.withConfiguration(
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
.run((context) -> {
- UserDetailsRepository userDetailsRepository = context
- .getBean(UserDetailsRepository.class);
- assertThat(userDetailsRepository.findByUsername("user").block())
+ ReactiveUserDetailsService userDetailsService = context
+ .getBean(ReactiveUserDetailsService.class);
+ assertThat(userDetailsService.findByUsername("user").block())
.isNotNull();
});
}
@@ -85,13 +85,13 @@ public class ReactiveSecurityAutoConfigurationTests {
.withConfiguration(
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
.run((context) -> {
- UserDetailsRepository userDetailsRepository = context
- .getBean(UserDetailsRepository.class);
- assertThat(userDetailsRepository.findByUsername("user").block())
+ ReactiveUserDetailsService userDetailsService = context
+ .getBean(ReactiveUserDetailsService.class);
+ assertThat(userDetailsService.findByUsername("user").block())
.isNull();
- assertThat(userDetailsRepository.findByUsername("foo").block())
+ assertThat(userDetailsService.findByUsername("foo").block())
.isNotNull();
- assertThat(userDetailsRepository.findByUsername("admin").block())
+ assertThat(userDetailsService.findByUsername("admin").block())
.isNotNull();
});
}
@@ -103,7 +103,7 @@ public class ReactiveSecurityAutoConfigurationTests {
TestConfig.class)
.withConfiguration(
AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
- .run((context) -> assertThat(context).getBean(UserDetailsRepository.class)
+ .run((context) -> assertThat(context).getBean(ReactiveUserDetailsService.class)
.isNull());
}
@@ -127,12 +127,12 @@ public class ReactiveSecurityAutoConfigurationTests {
static class UserConfig {
@Bean
- public MapUserDetailsRepository userDetailsRepository() {
+ public MapReactiveUserDetailsService userDetailsService() {
UserDetails foo = User.withUsername("foo").password("foo").roles("USER")
.build();
UserDetails admin = User.withUsername("admin").password("admin")
.roles("USER", "ADMIN").build();
- return new MapUserDetailsRepository(foo, admin);
+ return new MapReactiveUserDetailsService(foo, admin);
}
}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/user/SecurityConfig.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/user/SecurityConfig.java
deleted file mode 100644
index bfa71618d9..0000000000
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/user/SecurityConfig.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright 2012-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.boot.autoconfigure.security.user;
-
-import org.springframework.boot.autoconfigure.domain.EntityScan;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-
-@Configuration
-@EnableGlobalMethodSecurity(securedEnabled = true)
-@EntityScan(basePackageClasses = User.class)
-@EnableJpaRepositories(basePackageClasses = User.class)
-public class SecurityConfig extends GlobalAuthenticationConfigurerAdapter {
-
- protected final UserRepository userRepository;
-
- public SecurityConfig(UserRepository userRepository) {
- this.userRepository = userRepository;
- }
-
- @Override
- public void init(AuthenticationManagerBuilder auth) throws Exception {
- System.err.println("Global security config");
- }
-
-}
diff --git a/spring-boot-project/spring-boot-dependencies/pom.xml b/spring-boot-project/spring-boot-dependencies/pom.xml
index 204fc359e6..c2b6721cea 100644
--- a/spring-boot-project/spring-boot-dependencies/pom.xml
+++ b/spring-boot-project/spring-boot-dependencies/pom.xml
@@ -154,7 +154,7 @@
1.2.0.RELEASE
1.2.2.RELEASE
1.2.1.RELEASE
- 5.0.0.M5
+ 5.0.0.BUILD-SNAPSHOT
2.0.0.M5
2.0.0.M4
2.0.0.M4
diff --git a/spring-boot-project/spring-boot-docs/pom.xml b/spring-boot-project/spring-boot-docs/pom.xml
index 3c5af4475e..81f0248a5a 100644
--- a/spring-boot-project/spring-boot-docs/pom.xml
+++ b/spring-boot-project/spring-boot-docs/pom.xml
@@ -712,11 +712,6 @@
spring-security-test
true
-
- org.springframework.security
- spring-security-webflux
- true
-
org.springframework.session
spring-session-core
diff --git a/spring-boot-project/spring-boot-starters/pom.xml b/spring-boot-project/spring-boot-starters/pom.xml
index e0ae6b2cb6..bc1270dbeb 100644
--- a/spring-boot-project/spring-boot-starters/pom.xml
+++ b/spring-boot-project/spring-boot-starters/pom.xml
@@ -58,7 +58,6 @@
spring-boot-starter-quartz
spring-boot-starter-reactor-netty
spring-boot-starter-security
- spring-boot-starter-security-reactive
spring-boot-starter-social-facebook
spring-boot-starter-social-twitter
spring-boot-starter-social-linkedin
diff --git a/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/pom.xml b/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/pom.xml
deleted file mode 100644
index bc64017909..0000000000
--- a/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/pom.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-
-
- 4.0.0
-
- org.springframework.boot
- spring-boot-starters
- ${revision}
-
- spring-boot-starter-security-reactive
- Spring Boot Security Reactive Starter
- Starter for using reactive Spring Security
-
- ${basedir}/../../..
-
-
-
- org.springframework.boot
- spring-boot-starter
-
-
- org.springframework
- spring-aop
-
-
- org.springframework.security
- spring-security-config
-
-
- org.springframework.security
- spring-security-webflux
-
-
-
diff --git a/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/src/main/resources/META-INF/spring.provides b/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/src/main/resources/META-INF/spring.provides
deleted file mode 100644
index 3f5de80181..0000000000
--- a/spring-boot-project/spring-boot-starters/spring-boot-starter-security-reactive/src/main/resources/META-INF/spring.provides
+++ /dev/null
@@ -1 +0,0 @@
-provides: spring-security-webflux,spring-security-config
diff --git a/spring-boot-samples/spring-boot-sample-secure-webflux/pom.xml b/spring-boot-samples/spring-boot-sample-secure-webflux/pom.xml
index 91cabbf869..056559a6c5 100644
--- a/spring-boot-samples/spring-boot-sample-secure-webflux/pom.xml
+++ b/spring-boot-samples/spring-boot-sample-secure-webflux/pom.xml
@@ -27,7 +27,7 @@
org.springframework.boot
- spring-boot-starter-security-reactive
+ spring-boot-starter-security
diff --git a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java
index 5709327ce8..0d8ea665e8 100644
--- a/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java
+++ b/spring-boot-samples/spring-boot-sample-secure-webflux/src/main/java/sample/secure/webflux/SampleSecureWebFluxApplication.java
@@ -19,9 +19,9 @@ package sample.secure.webflux;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
-import org.springframework.security.core.userdetails.MapUserDetailsRepository;
+import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
+import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetailsRepository;
import org.springframework.web.reactive.function.server.RouterFunction;
import org.springframework.web.reactive.function.server.ServerResponse;
@@ -41,8 +41,8 @@ public class SampleSecureWebFluxApplication {
}
@Bean
- public UserDetailsRepository userDetailsRepository() {
- return new MapUserDetailsRepository(
+ public ReactiveUserDetailsService userDetailsRepository() {
+ return new MapReactiveUserDetailsService(
User.withUsername("foo").password("password").roles("USER").build());
}
diff --git a/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java b/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
index 6535288091..b4e7b640a5 100644
--- a/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
+++ b/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
@@ -18,19 +18,21 @@ package sample.security.method;
import java.util.Date;
import java.util.Map;
+import java.util.UUID;
import org.springframework.boot.actuate.autoconfigure.security.EndpointRequest;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.access.annotation.Secured;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@@ -67,14 +69,14 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
@Order(Ordered.HIGHEST_PRECEDENCE)
@Configuration
- protected static class AuthenticationSecurity
- extends GlobalAuthenticationConfigurerAdapter {
+ protected static class AuthenticationSecurity {
- @Override
- public void init(AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication().withUser("admin").password("admin")
- .roles("ADMIN", "USER", "ACTUATOR").and().withUser("user")
- .password("user").roles("USER");
+ @Bean
+ public InMemoryUserDetailsManager inMemoryUserDetailsManager() throws Exception {
+ String password = UUID.randomUUID().toString();
+ return new InMemoryUserDetailsManager(
+ User.withUsername("admin").password("admin").roles("ADMIN", "USER", "ACTUATOR").build(),
+ User.withUsername("user").password("user").roles("USER").build());
}
}