Remove usage of WebSecurityConfigurerAdapter

Switch to expose a SecurityFilterChain Bean

Closes gh-52
This commit is contained in:
Marcus Da Coregio
2021-12-10 09:53:33 -03:00
parent ca32d8e45d
commit 526bc16f7e
11 changed files with 129 additions and 124 deletions

View File

@@ -18,26 +18,27 @@ package example;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
public class SecurityConfiguration {
// @formatter:off
@Override
protected void configure(HttpSecurity http) throws Exception {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeHttpRequests((authorize) -> authorize
.antMatchers("/login", "/resources/**").permitAll()
.anyRequest().authenticated()
)
.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
.authorizeHttpRequests((authorize) -> authorize
.antMatchers("/login", "/resources/**").permitAll()
.anyRequest().authenticated()
)
.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
// @formatter:on
return http.build();
}
// @formatter:on
// @formatter:off
@Bean