How to update deprecated WebSecurityConfigurerAdapter with userDetailsService in Spring Boot 2.7
Question
WebSecurityConfigurerAdapter in Spring 2.7 is depricated. How should I update this class:
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final UserRepository userRepository;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(
email -> {
log.debug("Authenticating '{}'", email);
Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
return new AuthUser(optionalUser.orElseThrow(
() -> new UsernameNotFoundException("User '" + email + "' was not found")));
}
).passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()....
}
}
2 answers
solution1
2 2022-06-03 17:55:11
According Spring Security without the WebSecurityConfigurerAdapter it could be updated:
public class SecurityConfiguration {
private final UserRepository userRepository;
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Bean
public UserDetailsService userDetailsService() {
return email -> {
log.debug("Authenticating '{}'", email);
Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
return new AuthUser(optionalUser.orElseThrow(
() -> new UsernameNotFoundException("User '" + email + "' was not found")));
};
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests()...;
return http.build();
}
}
solution2
0 2022-08-27 09:53:59
// spring boot 2.7.0 + changes with spring security
@Configuration
public class SecurityConfiguration {
@Bean
UserDetailsService userDetailsService() {
return new MyUserDetailsService(); // to be created
}
@Bean
BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService());
authProvider.setPasswordEncoder(passwordEncoder());
return authProvider;
}
@Bean
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authenticationProvider(authenticationProvider());
http.authorizeRequests()...;
http.authorizeRequests().and().rememberMe().userDetailsService(userDetailsService()); // important
http.authorizeRequests()...;
return http.build();
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Spring Security: Error while upgrading the deprecated WebSecurityConfigurerAdapter in Spring Boot 2.7.2
Cannot Configure UserDetailsService into WebSecurityConfigurerAdapter with Spring Social
How to pass GenericFilterBean data to WebSecurityConfigurerAdapter in Spring Boot?
Spring Boot with custom UserDetailsService
Spring Boot permitAll not working in WebSecurityConfigurerAdapter
Replace WebSecurityConfigurerAdapter in Spring boot for ResourceServerConfigurerAdapter
How to migrate deprecated WebSecurityConfigurerAdapter to SecurityFilterChain?
Cannot Autowire UserDetailsService into WebSecurityConfigurerAdapter
How to fix error of WebSecurityConfigurerAdapter when upgrade to Spring Boot 3.0.0?
How to configure multiple HttpSecurity with UserDetailsService using spring boot security?
Related Tags