update to spring-boot 3.1

sephiroth-j · Oct 1, 2023 · d5cdb4c · d5cdb4c
1 parent 499569b
commit d5cdb4c
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/pom.xml b/pom.xml
@@ -28,7 +28,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>3.0.0</version>
+		<version>3.1.4</version>
 		<relativePath/>
 	</parent>
 

diff --git a/src/main/java/hello/config/WebSecurityConfig.java b/src/main/java/hello/config/WebSecurityConfig.java
@@ -29,6 +29,8 @@
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity.CsrfSpec;
+import org.springframework.security.config.web.server.ServerHttpSecurity.HttpBasicSpec;
 import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
 import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
 import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
@@ -46,17 +48,16 @@ public class WebSecurityConfig
 	public SecurityWebFilterChain springSecurityFilterChain(final ServerHttpSecurity http, final AuthenticationWebFilter ltpa2AuthenticationWebFilter)
 	{
 		http
-			.csrf().disable()
-			.httpBasic().disable()
-			.authorizeExchange()
+			.csrf(CsrfSpec::disable)
+			.httpBasic(HttpBasicSpec::disable)
+			.authorizeExchange(authorize -> authorize
 			.pathMatchers(
 				"/",
 				"/home"
 			).permitAll()
 			.pathMatchers("/hello").hasRole("DEVELOPERS")
 			// all other require any authentication
-			.anyExchange().authenticated()
-			.and()
+			.anyExchange().authenticated())
 			// apply ltpa2 authentication filter
 			.addFilterAt(ltpa2AuthenticationWebFilter, SecurityWebFiltersOrder.AUTHENTICATION);
 		return http.build();