Remove usage of WebSecurityConfigurerAdapter

Switch to expose a SecurityFilterChain Bean

Closes gh-52
This commit is contained in:
Marcus Da Coregio
2021-12-10 09:53:33 -03:00
parent b2ec34de55
commit fe037cf4d7
11 changed files with 129 additions and 124 deletions

View File

@@ -18,31 +18,30 @@ package example;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import static org.springframework.security.config.Customizer.withDefaults;
import org.springframework.security.web.SecurityFilterChain;
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
public class SecurityConfiguration {
@Override
// @formatter:off
protected void configure(HttpSecurity http) throws Exception {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http, UserDetailsService users) throws Exception {
// @formatter:off
http
.authorizeRequests((authorize) -> authorize
.anyRequest().authenticated()
)
.formLogin((form) -> form
.loginPage("/login")
.permitAll()
)
.rememberMe(withDefaults());
.authorizeRequests((authorize) -> authorize
.anyRequest().authenticated()
)
.formLogin((form) -> form
.loginPage("/login")
.permitAll()
)
.rememberMe((rememberMe) -> rememberMe.userDetailsService(users));
// @formatter:on
return http.build();
}
// @formatter:on
// @formatter:off
@Bean