Merge pull request #101 from wimdeblauwe/feature/gh-100

Replace deprecated methods of Spring Security with new alternatives
wimdeblauwe · Sep 18, 2024 · 3ad2534 · 3ad2534
2 parents a8ec58e + ccb5bc5
commit 3ad2534
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 13 deletions.
diff --git a/src/docs/asciidoc/index.adoc b/src/docs/asciidoc/index.adoc
@@ -1212,8 +1212,10 @@ import io.github.wimdeblauwe.errorhandlingspringbootstarter.mapper.ErrorMessageM
 import io.github.wimdeblauwe.errorhandlingspringbootstarter.mapper.HttpStatusMapper;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 
 public class WebSecurityConfiguration {
     @Bean
@@ -1227,11 +1229,11 @@ public class WebSecurityConfiguration {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http,
                                                    UnauthorizedEntryPoint unauthorizedEntryPoint) throws Exception {
-        http.httpBasic().disable();
+        http.httpBasic(AbstractHttpConfigurer::disable);
 
-        http.authorizeHttpRequests().anyRequest().authenticated();
+        http.authorizeHttpRequests(customizer -> customizer.anyRequest().authenticated());
 
-        http.exceptionHandling().authenticationEntryPoint(unauthorizedEntryPoint);//<.>
+        http.exceptionHandling(customizer -> customizer.authenticationEntryPoint(unauthorizedEntryPoint));//<.>
 
         return http.build();
     }
@@ -1258,6 +1260,7 @@ import io.github.wimdeblauwe.errorhandlingspringbootstarter.mapper.HttpStatusMap
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 
 public class WebSecurityConfiguration {
 
@@ -1272,11 +1275,11 @@ public class WebSecurityConfiguration {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http,
                                                    AccessDeniedHandler accessDeniedHandler) throws Exception {
-        http.httpBasic().disable();
+        http.httpBasic(AbstractHttpConfigurer::disable);
 
-        http.authorizeHttpRequests().anyRequest().authenticated();
+        http.authorizeHttpRequests(customizer -> customizer.anyRequest().authenticated());
 
-        http.exceptionHandling().accessDeniedHandler(accessDeniedHandler);//<.>
+        http.exceptionHandling(customizer -> customizer.accessDeniedHandler(accessDeniedHandler));//<.>
 
         return http.build();
     }

diff --git a/...eblauwe/errorhandlingspringbootstarter/handler/SpringSecurityApiExceptionHandlerTest.java b/...eblauwe/errorhandlingspringbootstarter/handler/SpringSecurityApiExceptionHandlerTest.java
@@ -17,6 +17,7 @@
 import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.AccessDeniedHandler;
@@ -130,15 +131,15 @@ public AccessDeniedHandler accessDeniedHandler(HttpStatusMapper httpStatusMapper
         public SecurityFilterChain securityFilterChain(HttpSecurity http,
                                                        UnauthorizedEntryPoint unauthorizedEntryPoint,
                                                        AccessDeniedHandler accessDeniedHandler) throws Exception {
-            http.httpBasic().disable();
+            http.httpBasic(AbstractHttpConfigurer::disable);
 
-            http.authorizeHttpRequests()
-                .requestMatchers("/test/spring-security/admin-global").hasRole("ADMIN")
-                .anyRequest().authenticated();
+            http.authorizeHttpRequests(customizer -> customizer
+                    .requestMatchers("/test/spring-security/admin-global").hasRole("ADMIN")
+                    .anyRequest().authenticated());
 
-            http.exceptionHandling()
-                .authenticationEntryPoint(unauthorizedEntryPoint)
-                .accessDeniedHandler(accessDeniedHandler);
+            http.exceptionHandling(customizer -> customizer
+                    .authenticationEntryPoint(unauthorizedEntryPoint)
+                    .accessDeniedHandler(accessDeniedHandler));
 
             return http.build();
         }