WebSecurityConfigurerAdapter has been deprecated

[JayRizzo]

FYI --
.../src/main/java/com/demo/security/config/WebSecurityConfig.java:17:40
java: org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter in org.springframework.security.config.annotation.web.configuration has been deprecated

Notated Here:
spring-projects/spring-security@e97c643#diff-1f087c7ac3aa768e19af9c74e4a21899696a8a4f7c89c9aff07e55792050cda6R97

This prevents me from following your tutorial listed here: https://www.youtube.com/watch?v=QwQuro7ekvc

Please address when time permits.

[ThomasDumouchel]

Hey JayRizzo. I have been struggling with the same problem for 2 days. I decided to put my head down and try to fix the problem on my own. Here is what I came up with and it works perfectly fine. Hope this helps!

// ... All your packages and imports

@configuration
@AllArgsConstructor
@EnableWebSecurity
public class WebSecurityConfig {

private final AppUserService appUserService;
private final BCryptPasswordEncoder bCryptPasswordEncoder;

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
            .authenticationProvider(daoAuthenticationProvider())
            .csrf().disable()
            .authorizeRequests()
            .antMatchers("/api/v*/registration/**").permitAll()
            .anyRequest()
            .authenticated().and()
            .formLogin();
    return http.build();


}

@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
    return authenticationConfiguration.getAuthenticationManager();
}

@Bean
public DaoAuthenticationProvider daoAuthenticationProvider() {
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setPasswordEncoder(bCryptPasswordEncoder);
    provider.setUserDetailsService(appUserService);
    return provider;
}

}

[nisilachandunu]

This works fine
package com.example.loginsignup.security.config;

import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@configuration
@AllArgsConstructor
@EnableWebSecurity
public class WebSecurityConfig{
@bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
http
.csrf().disable()
.authorizeHttpRequests()
.requestMatchers("/api/v*/registration/**")
.permitAll()
.anyRequest()
.authenticated().and()
.formLogin();
return http.build();

}

}

[michaelnadar]

On the pom.xml file u can the version to older one this will work { to 5.5.0 } and reload the project by right clicking On pom.xml file select Maven and reload the project and u r good to go ...... {i m new to this It worked for me Thats all not recommanded.}

org.springframework.security
spring-security-config
5.5.0

[SimronJ]

Hey guys, so I too encounter this error. As of today with sprint boot version of 3.1.4. After lots of debugging. I fixed the issue.

Here is what's working for me without any issue for WebSecurityConfig class.

`
package com.example.demo.security.config;

import com.example.demo.appuser.AppUserService;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

import static org.springframework.security.config.Customizer.withDefaults;

@configuration
@AllArgsConstructor
@EnableWebSecurity
public class WebSecurityConfig {

private final AppUserService appUserservice;
private final BCryptPasswordEncoder bCryptPasswordEncoder;

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    RequestMatcher matcher = new AntPathRequestMatcher("/api/v*/registration/**", HttpMethod.POST.toString());
    http
            .authenticationProvider(daoAuthenticationProvider())
            .csrf(AbstractHttpConfigurer::disable)
            .authorizeHttpRequests(auth -> auth
                    .requestMatchers(matcher).permitAll()
                    .anyRequest().authenticated())
            .formLogin(withDefaults());
    return http.build();
}

@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
    return authenticationConfiguration.getAuthenticationManager();
}

@Bean
public DaoAuthenticationProvider daoAuthenticationProvider() {
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setPasswordEncoder(bCryptPasswordEncoder);
    provider.setUserDetailsService(appUserservice);
    return provider;
}

}`