Upgrade to Spring Security 5.0.0.BUILD-SNAPSHOT
Following some changes in the latest snapshot this includes: - Some updates to oauth2 client auto-config - Security auto-config no longer relies on GlobalAuthenticationConfigurerAdapter - Remove reactive security starter Closes gh-10704
This commit is contained in:
@@ -18,19 +18,21 @@ package sample.security.method;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.springframework.boot.actuate.autoconfigure.security.EndpointRequest;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
@@ -67,14 +69,14 @@ public class SampleMethodSecurityApplication implements WebMvcConfigurer {
|
||||
|
||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||
@Configuration
|
||||
protected static class AuthenticationSecurity
|
||||
extends GlobalAuthenticationConfigurerAdapter {
|
||||
protected static class AuthenticationSecurity {
|
||||
|
||||
@Override
|
||||
public void init(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication().withUser("admin").password("admin")
|
||||
.roles("ADMIN", "USER", "ACTUATOR").and().withUser("user")
|
||||
.password("user").roles("USER");
|
||||
@Bean
|
||||
public InMemoryUserDetailsManager inMemoryUserDetailsManager() throws Exception {
|
||||
String password = UUID.randomUUID().toString();
|
||||
return new InMemoryUserDetailsManager(
|
||||
User.withUsername("admin").password("admin").roles("ADMIN", "USER", "ACTUATOR").build(),
|
||||
User.withUsername("user").password("user").roles("USER").build());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user