From 67544f36f9eea4ea24208af5926fffbc09e23faa Mon Sep 17 00:00:00 2001
From: Steve Riesenberg <sriesenberg@vmware.com>
Date: Fri, 29 Jul 2022 14:07:48 -0500
Subject: [PATCH] Remove references to WebSecurityConfigurerAdapter

* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
---
 .../EnableGlobalAuthentication.java           |   40 +-
 .../annotation/web/WebSecurityConfigurer.java |   11 +-
 .../annotation/web/builders/HttpSecurity.java | 1090 +++++++++++------
 .../annotation/web/builders/WebSecurity.java  |   11 +-
 .../WebSecurityConfiguration.java             |    9 +-
 ...bstractAuthenticationFilterConfigurer.java |   10 +-
 .../DefaultLoginPageConfigurer.java           |    8 +-
 .../web/configurers/FormLoginConfigurer.java  |   14 +-
 .../web/configurers/HeadersConfigurer.java    |    6 +-
 .../web/configurers/RememberMeConfigurer.java |   13 +-
 .../web/configurers/X509Configurer.java       |    7 +-
 .../openid/OpenIDLoginConfigurer.java         |   36 +-
 12 files changed, 811 insertions(+), 444 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java
index acc8fef8183..7ed54d433e6 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2013 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -39,10 +39,19 @@
  * &#064;EnableGlobalAuthentication
  * public class MyGlobalAuthenticationConfiguration {
  *
- * 	&#064;Autowired
- * 	public void configureGlobal(AuthenticationManagerBuilder auth) {
- * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;)
- * 				.and().withUser(&quot;admin&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;, &quot;ADMIN&quot;);
+ * 	&#064;Bean
+ * 	public UserDetailsService userDetailsService() {
+ * 		UserDetails user = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;user&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;USER&quot;)
+ * 			.build();
+ * 		UserDetails admin = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;admin&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+ * 			.build();
+ * 		return new InMemoryUserDetailsManager(user, admin);
  * 	}
  * }
  * </pre>
@@ -54,15 +63,24 @@
  * <pre class="code">
  * &#064;Configuration
  * &#064;EnableWebSecurity
- * public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
+ * public class MyWebSecurityConfiguration {
  *
- * 	&#064;Autowired
- * 	public void configureGlobal(AuthenticationManagerBuilder auth) {
- * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;)
- * 				.and().withUser(&quot;admin&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;, &quot;ADMIN&quot;);
+ * 	&#064;Bean
+ * 	public UserDetailsService userDetailsService() {
+ * 		UserDetails user = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;user&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;USER&quot;)
+ * 			.build();
+ * 		UserDetails admin = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;admin&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+ * 			.build();
+ * 		return new InMemoryUserDetailsManager(user, admin);
  * 	}
  *
- * 	// Possibly overridden methods ...
+ * 	// Possibly more bean methods ...
  * }
  * </pre>
  *
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
index c7bc0578d5f..91ca1c1a566 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,19 +23,16 @@
 import org.springframework.security.config.annotation.SecurityConfigurer;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.SecurityFilterChain;
 
 /**
  * Allows customization to the {@link WebSecurity}. In most instances users will use
- * {@link EnableWebSecurity} and either create a {@link Configuration} that extends
- * {@link WebSecurityConfigurerAdapter} or expose a {@link SecurityFilterChain} bean. Both
- * will automatically be applied to the {@link WebSecurity} by the
- * {@link EnableWebSecurity} annotation.
+ * {@link EnableWebSecurity} and create a {@link Configuration} that exposes a
+ * {@link SecurityFilterChain} bean. This will automatically be applied to the
+ * {@link WebSecurity} by the {@link EnableWebSecurity} annotation.
  *
  * @author Rob Winch
  * @since 3.2
- * @see WebSecurityConfigurerAdapter
  * @see SecurityFilterChain
  */
 public interface WebSecurityConfigurer<T extends SecurityBuilder<Filter>> extends SecurityConfigurer<Filter, T> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
index 8a627ef3108..6f9da8ab421 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
@@ -45,7 +45,6 @@
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer;
 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry;
@@ -114,16 +113,22 @@
  * <pre>
  * &#064;Configuration
  * &#064;EnableWebSecurity
- * public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {
+ * public class FormLoginSecurityConfig {
  *
- * 	&#064;Override
- * 	protected void configure(HttpSecurity http) throws Exception {
+ * 	&#064;Bean
+ * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin();
+ * 		return http.build();
  * 	}
  *
- * 	&#064;Override
- * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+ * 	&#064;Bean
+ * 	public UserDetailsService userDetailsService() {
+ * 		UserDetails user = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;user&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;USER&quot;)
+ * 			.build();
+ * 		return new InMemoryUserDetailsManager(user);
  * 	}
  * }
  * </pre>
@@ -181,22 +186,25 @@ private ApplicationContext getContext() {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
+	 * public class OpenIDLoginConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().openidLogin()
 	 * 				.permitAll();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication()
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
 	 * 				// the username must match the OpenID of the user you are
 	 * 				// logging in with
-	 * 				.withUser(
+	 * 				.username(
 	 * 						&quot;https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU&quot;)
-	 * 				.password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 				.password(&quot;password&quot;).roles(&quot;USER&quot;)
+	 * 				.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -208,10 +216,10 @@ private ApplicationContext getContext() {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
+	 * public class OpenIDLoginConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests()
 	 * 				.antMatchers(&quot;/**&quot;)
 	 * 				.hasRole(&quot;USER&quot;)
@@ -233,6 +241,7 @@ private ApplicationContext getContext() {
 	 * 				.attribute(&quot;email&quot;).type(&quot;https://schema.openid.net/contact/email&quot;)
 	 * 				.required(true).and().attribute(&quot;fullname&quot;)
 	 * 				.type(&quot;https://schema.openid.net/namePerson&quot;).required(true);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 *
@@ -268,10 +277,10 @@ public OpenIDLoginConfigurer<HttpSecurity> openidLogin() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
+	 * public class OpenIDLoginConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -281,16 +290,19 @@ public OpenIDLoginConfigurer<HttpSecurity> openidLogin() throws Exception {
 	 * 				openidLogin
 	 * 					.permitAll()
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication()
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
 	 * 				// the username must match the OpenID of the user you are
 	 * 				// logging in with
-	 * 				.withUser(
+	 * 				.username(
 	 * 						&quot;https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU&quot;)
-	 * 				.password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 				.password(&quot;password&quot;).roles(&quot;USER&quot;)
+	 * 				.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -302,10 +314,10 @@ public OpenIDLoginConfigurer<HttpSecurity> openidLogin() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
+	 * public class OpenIDLoginConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@@ -355,6 +367,7 @@ public OpenIDLoginConfigurer<HttpSecurity> openidLogin() throws Exception {
 	 * 							)
 	 * 					)
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 *
@@ -386,17 +399,17 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 
 	/**
 	 * Adds the Security headers to the response. This is activated by default when using
-	 * {@link WebSecurityConfigurerAdapter}'s default constructor. Accepting the default
-	 * provided by {@link WebSecurityConfigurerAdapter} or only invoking
-	 * {@link #headers()} without invoking additional methods on it, is the equivalent of:
+	 * {@link EnableWebSecurity}. Accepting the default provided by
+	 * {@link EnableWebSecurity} or only invoking {@link #headers()} without invoking
+	 * additional methods on it, is the equivalent of:
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .headers()
 	 *                 .contentTypeOptions()
@@ -410,6 +423,7 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 	 *                 .frameOptions()
 	 *                 .and()
 	 *             ...;
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -419,13 +433,14 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .headers().disable()
 	 *             ...;
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -439,10 +454,10 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .headers()
 	 *                  .defaultsDisabled()
@@ -451,6 +466,7 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 	 *                  .frameOptions()
 	 *                  .and()
 	 *             ...;
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -462,16 +478,17 @@ public HttpSecurity openidLogin(Customizer<OpenIDLoginConfigurer<HttpSecurity>>
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .headers()
 	 *                  .frameOptions()
 	 *                  	.disable()
 	 *                  .and()
 	 *             ...;
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -485,21 +502,20 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 
 	/**
 	 * Adds the Security headers to the response. This is activated by default when using
-	 * {@link WebSecurityConfigurerAdapter}'s default constructor.
+	 * {@link EnableWebSecurity}.
 	 *
 	 * <h2>Example Configurations</h2>
 	 *
-	 * Accepting the default provided by {@link WebSecurityConfigurerAdapter} or only
-	 * invoking {@link #headers()} without invoking additional methods on it, is the
-	 * equivalent of:
+	 * Accepting the default provided by {@link EnableWebSecurity} or only invoking
+	 * {@link #headers()} without invoking additional methods on it, is the equivalent of:
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 *	&#064;Override
-	 *	protected void configure(HttpSecurity http) throws Exception {
+	 *	&#064;Bean
+	 *	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *		http
 	 *			.headers((headers) -&gt;
 	 *				headers
@@ -509,6 +525,7 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 	 *					.httpStrictTransportSecurity(withDefaults())
 	 *					.frameOptions(withDefaults()
 	 *			);
+	 *		return http.build();
 	 *	}
 	 * }
 	 * </pre>
@@ -518,12 +535,13 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 *	&#064;Override
-	 *	protected void configure(HttpSecurity http) throws Exception {
+	 *	&#064;Bean
+	 *	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.headers((headers) -&gt; headers.disable());
+	 *		return http.build();
 	 *	}
 	 * }
 	 * </pre>
@@ -537,10 +555,10 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 *	&#064;Override
-	 *	protected void configure(HttpSecurity http) throws Exception {
+	 *	&#064;Bean
+	 *	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *		http
 	 *			.headers((headers) -&gt;
 	 *				headers
@@ -548,6 +566,7 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 	 *			 		.cacheControl(withDefaults())
 	 *			 		.frameOptions(withDefaults())
 	 *			);
+	 *		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -559,15 +578,17 @@ public HeadersConfigurer<HttpSecurity> headers() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *  protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *  	http
 	 *  		.headers((headers) -&gt;
 	 *  			headers
 	 *  				.frameOptions((frameOptions) -&gt; frameOptions.disable())
 	 *  		);
+	 * 		return http.build();
+	 * 	}
 	 * }
 	 * </pre>
 	 * @param headersCustomizer the {@link Customizer} to provide more options for the
@@ -602,12 +623,13 @@ public CorsConfigurer<HttpSecurity> cors() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CorsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CorsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .cors(withDefaults());
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -634,18 +656,24 @@ public HttpSecurity cors(Customizer<CorsConfigurer<HttpSecurity>> corsCustomizer
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class SessionManagementSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class SessionManagementSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().anyRequest().hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.permitAll().and().sessionManagement().maximumSessions(1)
 	 * 				.expiredUrl(&quot;/login?expired&quot;);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -685,10 +713,10 @@ public SessionManagementConfigurer<HttpSecurity> sessionManagement() throws Exce
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class SessionManagementSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class SessionManagementSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -706,6 +734,17 @@ public SessionManagementConfigurer<HttpSecurity> sessionManagement() throws Exce
 	 * 							.expiredUrl(&quot;/login?expired&quot;)
 	 * 					)
 	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -754,19 +793,25 @@ public HttpSecurity sessionManagement(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class PortMapperSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class PortMapperSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.permitAll().and()
 	 * 				// Example portMapper() configuration
 	 * 				.portMapper().http(9090).mapsTo(9443).http(80).mapsTo(443);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -796,10 +841,10 @@ public PortMapperConfigurer<HttpSecurity> portMapper() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class PortMapperSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class PortMapperSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requiresChannel((requiresChannel) -&gt;
 	 * 				requiresChannel
@@ -810,6 +855,17 @@ public PortMapperConfigurer<HttpSecurity> portMapper() throws Exception {
 	 * 					.http(9090).mapsTo(9443)
 	 * 					.http(80).mapsTo(443)
 	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -838,13 +894,14 @@ public HttpSecurity portMapper(Customizer<PortMapperConfigurer<HttpSecurity>> po
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class JeeSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class JeeSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
 	 * 		// Example jee() configuration
 	 * 				.jee().mappableRoles(&quot;USER&quot;, &quot;ADMIN&quot;);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -909,10 +966,10 @@ public JeeConfigurer<HttpSecurity> jee() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class JeeSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class JeeSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -922,6 +979,7 @@ public JeeConfigurer<HttpSecurity> jee() throws Exception {
 	 * 				jee
 	 * 					.mappableRoles(&quot;USER&quot;, &quot;ADMIN&quot;)
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -988,13 +1046,14 @@ public HttpSecurity jee(Customizer<JeeConfigurer<HttpSecurity>> jeeCustomizer) t
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class X509SecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class X509SecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
 	 * 		// Example x509() configuration
 	 * 				.x509();
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1017,16 +1076,17 @@ public X509Configurer<HttpSecurity> x509() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class X509SecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class X509SecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.x509(withDefaults());
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1053,19 +1113,25 @@ public HttpSecurity x509(Customizer<X509Configurer<HttpSecurity>> x509Customizer
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RememberMeSecurityConfig extends WebSecurityConfigurerAdapter {
-	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
-	 * 	}
+	 * public class RememberMeSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.permitAll().and()
 	 * 				// Example Remember Me Configuration
 	 * 				.rememberMe();
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1089,10 +1155,10 @@ public RememberMeConfigurer<HttpSecurity> rememberMe() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RememberMeSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RememberMeSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1100,6 +1166,17 @@ public RememberMeConfigurer<HttpSecurity> rememberMe() throws Exception {
 	 * 			)
 	 * 			.formLogin(withDefaults())
 	 * 			.rememberMe(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1127,17 +1204,27 @@ public HttpSecurity rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>> re
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;)
-	 * 				.and().withUser(&quot;admin&quot;).password(&quot;password&quot;).roles(&quot;ADMIN&quot;, &quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1149,18 +1236,28 @@ public HttpSecurity rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>> re
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;)
-	 * 				.and().withUser(&quot;admin&quot;).password(&quot;password&quot;).roles(&quot;ADMIN&quot;, &quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1170,8 +1267,17 @@ public HttpSecurity rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>> re
 	 * mapping:
 	 *
 	 * <pre>
-	 * http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).antMatchers(&quot;/admin/**&quot;)
-	 * 		.hasRole(&quot;ADMIN&quot;)
+	 * &#064;Configuration
+	 * &#064;EnableWebSecurity
+	 * public class AuthorizeUrlsSecurityConfig {
+	 *
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).antMatchers(&quot;/admin/**&quot;)
+	 * 			.hasRole(&quot;ADMIN&quot;)
+	 * 		return http.build();
+	 * 	}
+	 * }
 	 * </pre>
 	 * @return the {@link ExpressionUrlAuthorizationConfigurer} for further customizations
 	 * @throws Exception
@@ -1196,16 +1302,32 @@ public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrl
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.formLogin(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1217,10 +1339,10 @@ public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrl
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1228,6 +1350,22 @@ public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrl
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.formLogin(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1239,16 +1377,17 @@ public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrl
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		 http
 	 * 		 	.authorizeRequests((authorizeRequests) -&gt;
 	 * 		 		authorizeRequests
 	 * 			 		.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			 		.antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 		 	);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1280,15 +1419,31 @@ public HttpSecurity authorizeRequests(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeHttpRequests()
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.and()
 	 * 			.formLogin();
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1300,16 +1455,32 @@ public HttpSecurity authorizeRequests(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeHttpRequests()
 	 * 				.antMatchers(&quot;/admin&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.and()
 	 * 			.formLogin();
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1321,16 +1492,17 @@ public HttpSecurity authorizeRequests(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeHttpRequests()
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 				.and()
 	 * 			.formLogin();
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1358,16 +1530,32 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 				authorizeHttpRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.formLogin(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1379,10 +1567,10 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 				authorizeHttpRequests
@@ -1390,6 +1578,22 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.formLogin(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		UserDetails admin = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;admin&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;ADMIN&quot;, &quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user, admin);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1401,16 +1605,17 @@ public AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequest
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AuthorizeUrlsSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AuthorizeUrlsSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 		 	.authorizeHttpRequests((authorizeHttpRequests) -&gt;
 	 * 		 		authorizeHttpRequests
 	 * 			 		.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			 		.antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
 	 * 		 	);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1435,7 +1640,7 @@ public HttpSecurity authorizeHttpRequests(
 	 * may be requested prior to authentication. The application will redirect the user to
 	 * a login page. After authentication, Spring Security will redirect the user to the
 	 * originally requested protected page (/protected). This is automatically applied
-	 * when using {@link WebSecurityConfigurerAdapter}.
+	 * when using {@link EnableWebSecurity}.
 	 * @return the {@link RequestCacheConfigurer} for further customizations
 	 * @throws Exception
 	 */
@@ -1448,7 +1653,7 @@ public RequestCacheConfigurer<HttpSecurity> requestCache() throws Exception {
 	 * may be requested prior to authentication. The application will redirect the user to
 	 * a login page. After authentication, Spring Security will redirect the user to the
 	 * originally requested protected page (/protected). This is automatically applied
-	 * when using {@link WebSecurityConfigurerAdapter}.
+	 * when using {@link EnableWebSecurity}.
 	 *
 	 * <h2>Example Custom Configuration</h2>
 	 *
@@ -1457,10 +1662,10 @@ public RequestCacheConfigurer<HttpSecurity> requestCache() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestCacheDisabledSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestCacheDisabledSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1469,6 +1674,7 @@ public RequestCacheConfigurer<HttpSecurity> requestCache() throws Exception {
 	 * 			.requestCache((requestCache) -&gt;
 	 * 				requestCache.disable()
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1485,7 +1691,7 @@ public HttpSecurity requestCache(Customizer<RequestCacheConfigurer<HttpSecurity>
 
 	/**
 	 * Allows configuring exception handling. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}.
+	 * {@link EnableWebSecurity}.
 	 * @return the {@link ExceptionHandlingConfigurer} for further customizations
 	 * @throws Exception
 	 */
@@ -1495,7 +1701,7 @@ public ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling() throws Exce
 
 	/**
 	 * Allows configuring exception handling. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}.
+	 * {@link EnableWebSecurity}.
 	 *
 	 * <h2>Example Custom Configuration</h2>
 	 *
@@ -1505,10 +1711,10 @@ public ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling() throws Exce
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class ExceptionHandlingSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class ExceptionHandlingSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1519,6 +1725,7 @@ public ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling() throws Exce
 	 * 				exceptionHandling
 	 * 					.accessDeniedPage(&quot;/errors/access-denied&quot;)
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1536,7 +1743,7 @@ public HttpSecurity exceptionHandling(
 	/**
 	 * Sets up management of the {@link SecurityContext} on the
 	 * {@link SecurityContextHolder} between {@link HttpServletRequest}'s. This is
-	 * automatically applied when using {@link WebSecurityConfigurerAdapter}.
+	 * automatically applied when using {@link EnableWebSecurity}.
 	 * @return the {@link SecurityContextConfigurer} for further customizations
 	 * @throws Exception
 	 */
@@ -1547,22 +1754,23 @@ public SecurityContextConfigurer<HttpSecurity> securityContext() throws Exceptio
 	/**
 	 * Sets up management of the {@link SecurityContext} on the
 	 * {@link SecurityContextHolder} between {@link HttpServletRequest}'s. This is
-	 * automatically applied when using {@link WebSecurityConfigurerAdapter}.
+	 * automatically applied when using {@link EnableWebSecurity}.
 	 *
 	 * The following customization specifies the shared {@link SecurityContextRepository}
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class SecurityContextSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class SecurityContextSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.securityContext((securityContext) -&gt;
 	 * 				securityContext
 	 * 					.securityContextRepository(SCR)
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1580,7 +1788,7 @@ public HttpSecurity securityContext(Customizer<SecurityContextConfigurer<HttpSec
 	/**
 	 * Integrates the {@link HttpServletRequest} methods with the values found on the
 	 * {@link SecurityContext}. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}.
+	 * {@link EnableWebSecurity}.
 	 * @return the {@link ServletApiConfigurer} for further customizations
 	 * @throws Exception
 	 */
@@ -1591,19 +1799,20 @@ public ServletApiConfigurer<HttpSecurity> servletApi() throws Exception {
 	/**
 	 * Integrates the {@link HttpServletRequest} methods with the values found on the
 	 * {@link SecurityContext}. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}. You can disable it using:
+	 * {@link EnableWebSecurity}. You can disable it using:
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class ServletApiSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class ServletApiSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.servletApi((servletApi) -&gt;
 	 * 				servletApi.disable()
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 * }
 	 * </pre>
@@ -1620,19 +1829,19 @@ public HttpSecurity servletApi(Customizer<ServletApiConfigurer<HttpSecurity>> se
 
 	/**
 	 * Enables CSRF protection. This is activated by default when using
-	 * {@link WebSecurityConfigurerAdapter}'s default constructor. You can disable it
-	 * using:
+	 * {@link EnableWebSecurity}'s default constructor. You can disable it using:
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .csrf().disable()
 	 *             ...;
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -1646,18 +1855,18 @@ public CsrfConfigurer<HttpSecurity> csrf() throws Exception {
 
 	/**
 	 * Enables CSRF protection. This is activated by default when using
-	 * {@link WebSecurityConfigurerAdapter}'s default constructor. You can disable it
-	 * using:
+	 * {@link EnableWebSecurity}. You can disable it using:
 	 *
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class CsrfSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class CsrfSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 *     protected void configure(HttpSecurity http) throws Exception {
+	 *     &#064;Bean
+	 *     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 *         http
 	 *             .csrf((csrf) -&gt; csrf.disable());
+	 *         return http.build();
 	 *     }
 	 * }
 	 * </pre>
@@ -1674,8 +1883,8 @@ public HttpSecurity csrf(Customizer<CsrfConfigurer<HttpSecurity>> csrfCustomizer
 
 	/**
 	 * Provides logout support. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}. The default is that accessing the URL
-	 * "/logout" will log the user out by invalidating the HTTP Session, cleaning up any
+	 * {@link EnableWebSecurity}. The default is that accessing the URL "/logout" will log
+	 * the user out by invalidating the HTTP Session, cleaning up any
 	 * {@link #rememberMe()} authentication that was configured, clearing the
 	 * {@link SecurityContextHolder}, and then redirect to "/login?success".
 	 *
@@ -1688,20 +1897,26 @@ public HttpSecurity csrf(Customizer<CsrfConfigurer<HttpSecurity>> csrfCustomizer
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class LogoutSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class LogoutSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.and()
 	 * 				// sample logout customization
 	 * 				.logout().deleteCookies(&quot;remove&quot;).invalidateHttpSession(false)
 	 * 				.logoutUrl(&quot;/custom-logout&quot;).logoutSuccessUrl(&quot;/logout-success&quot;);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1714,8 +1929,8 @@ public LogoutConfigurer<HttpSecurity> logout() throws Exception {
 
 	/**
 	 * Provides logout support. This is automatically applied when using
-	 * {@link WebSecurityConfigurerAdapter}. The default is that accessing the URL
-	 * "/logout" will log the user out by invalidating the HTTP Session, cleaning up any
+	 * {@link EnableWebSecurity}. The default is that accessing the URL "/logout" will log
+	 * the user out by invalidating the HTTP Session, cleaning up any
 	 * {@link #rememberMe()} authentication that was configured, clearing the
 	 * {@link SecurityContextHolder}, and then redirect to "/login?success".
 	 *
@@ -1728,10 +1943,10 @@ public LogoutConfigurer<HttpSecurity> logout() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class LogoutSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class LogoutSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1745,6 +1960,17 @@ public LogoutConfigurer<HttpSecurity> logout() throws Exception {
 	 * 					.logoutUrl(&quot;/custom-logout&quot;)
 	 * 					.logoutSuccessUrl(&quot;/logout-success&quot;)
 	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1760,8 +1986,8 @@ public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCust
 
 	/**
 	 * Allows configuring how an anonymous user is represented. This is automatically
-	 * applied when used in conjunction with {@link WebSecurityConfigurerAdapter}. By
-	 * default anonymous users will be represented with an
+	 * applied when used in conjunction with {@link EnableWebSecurity}. By default
+	 * anonymous users will be represented with an
 	 * {@link org.springframework.security.authentication.AnonymousAuthenticationToken}
 	 * and contain the role "ROLE_ANONYMOUS".
 	 *
@@ -1773,10 +1999,10 @@ public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCust
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AnonymousSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AnonymousSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests()
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@@ -1785,11 +2011,17 @@ public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCust
 	 * 				.and()
 	 * 			// sample anonymous customization
 	 * 			.anonymous().authorities(&quot;ROLE_ANON&quot;);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1801,10 +2033,10 @@ public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCust
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AnonymousSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AnonymousSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests()
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@@ -1813,11 +2045,17 @@ public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCust
 	 * 				.and()
 	 * 			// sample anonymous customization
 	 * 			.anonymous().disable();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1830,8 +2068,8 @@ public AnonymousConfigurer<HttpSecurity> anonymous() throws Exception {
 
 	/**
 	 * Allows configuring how an anonymous user is represented. This is automatically
-	 * applied when used in conjunction with {@link WebSecurityConfigurerAdapter}. By
-	 * default anonymous users will be represented with an
+	 * applied when used in conjunction with {@link EnableWebSecurity}. By default
+	 * anonymous users will be represented with an
 	 * {@link org.springframework.security.authentication.AnonymousAuthenticationToken}
 	 * and contain the role "ROLE_ANONYMOUS".
 	 *
@@ -1843,10 +2081,10 @@ public AnonymousConfigurer<HttpSecurity> anonymous() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AnonymousSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AnonymousSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1857,7 +2095,18 @@ public AnonymousConfigurer<HttpSecurity> anonymous() throws Exception {
 	 * 			.anonymous((anonymous) -&gt;
 	 * 				anonymous
 	 * 					.authorities(&quot;ROLE_ANON&quot;)
-	 * 			)
+	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1869,10 +2118,10 @@ public AnonymousConfigurer<HttpSecurity> anonymous() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class AnonymousSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class AnonymousSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -1883,11 +2132,17 @@ public AnonymousConfigurer<HttpSecurity> anonymous() throws Exception {
 	 * 			.anonymous((anonymous) -&gt;
 	 * 				anonymous.disable()
 	 * 			);
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1916,16 +2171,22 @@ public HttpSecurity anonymous(Customizer<AnonymousConfigurer<HttpSecurity>> anon
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class FormLoginSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1935,10 +2196,10 @@ public HttpSecurity anonymous(Customizer<AnonymousConfigurer<HttpSecurity>> anon
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class FormLoginSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.usernameParameter(&quot;username&quot;) // default is username
 	 * 				.passwordParameter(&quot;password&quot;) // default is password
@@ -1947,11 +2208,17 @@ public HttpSecurity anonymous(Customizer<AnonymousConfigurer<HttpSecurity>> anon
 	 * 				.loginProcessingUrl(&quot;/authentication/login/process&quot;); // default is /login
 	 * 																		// with an HTTP
 	 * 																		// post
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1978,16 +2245,27 @@ public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class FormLoginSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.formLogin(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -1997,10 +2275,10 @@ public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class FormLoginSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -2014,6 +2292,17 @@ public FormLoginConfigurer<HttpSecurity> formLogin() throws Exception {
 	 * 					.failureUrl(&quot;/authentication/login?failed&quot;)
 	 * 					.loginProcessingUrl(&quot;/authentication/login/process&quot;)
 	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -2065,19 +2354,18 @@ public HttpSecurity formLogin(Customizer<FormLoginConfigurer<HttpSecurity>> form
 	 *
 	 * <pre>
 	 * &#064;Configuration
-	 * public class Saml2LoginConfig {
+	 * &#064;EnableWebSecurity
+	 * public class Saml2LoginSecurityConfig {
 	 *
-	 * 	&#064;EnableWebSecurity
-	 * 	public static class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
-	 * 		&#064;Override
-	 * 		protected void configure(HttpSecurity http) throws Exception {
-	 * 			http
-	 * 				.authorizeRequests()
-	 * 					.anyRequest().authenticated()
-	 * 					.and()
-	 * 				  .saml2Login();
-	 *		}
-	 *	}
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+	 * 		http
+	 * 			.authorizeRequests()
+	 * 				.anyRequest().authenticated()
+	 * 				.and()
+	 * 			.saml2Login();
+	 * 		return http.build();
+	 * 	}
 	 *
 	 *	&#064;Bean
 	 *	public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
@@ -2098,13 +2386,13 @@ public HttpSecurity formLogin(Customizer<FormLoginConfigurer<HttpSecurity>> form
 	 * 		//IDP certificate for verification of incoming messages
 	 * 		Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
 	 * 		return RelyingPartyRegistration.withRegistrationId(registrationId)
-	 *  * 				.remoteIdpEntityId(idpEntityId)
-	 *  * 				.idpWebSsoUrl(webSsoEndpoint)
-	 *  * 				.credential(signingCredential)
-	 *  * 				.credential(idpVerificationCertificate)
-	 *  * 				.localEntityIdTemplate(localEntityIdTemplate)
-	 *  * 				.build();
-	 *	}
+	 * 				.remoteIdpEntityId(idpEntityId)
+	 * 				.idpWebSsoUrl(webSsoEndpoint)
+	 * 				.credential(signingCredential)
+	 * 				.credential(idpVerificationCertificate)
+	 * 				.localEntityIdTemplate(localEntityIdTemplate)
+	 * 				.build();
+	 * 	}
 	 * }
 	 * </pre>
 	 *
@@ -2154,19 +2442,19 @@ public Saml2LoginConfigurer<HttpSecurity> saml2Login() throws Exception {
 	 *
 	 * <pre>
 	 * &#064;Configuration
-	 * public class Saml2LoginConfig {
+	 * &#064;EnableWebSecurity
+	 * public class Saml2LoginSecurityConfig {
 	 *
-	 * 	&#064;EnableWebSecurity
-	 * 	public static class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
-	 * 		&#064;Override
-	 * 		protected void configure(HttpSecurity http) throws Exception {
-	 * 			http
-	 * 				.authorizeRequests()
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+	 * 		http
+	 * 			.authorizeRequests((authorizeRequests) -&gt;
+	 * 				authorizeRequests
 	 * 					.anyRequest().authenticated()
-	 * 					.and()
-	 * 				  .saml2Login(withDefaults());
-	 *		}
-	 *	}
+	 * 			)
+	 * 			.saml2Login(withDefaults());
+	 * 		return http.build();
+	 * 	}
 	 *
 	 *	&#064;Bean
 	 *	public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
@@ -2187,13 +2475,13 @@ public Saml2LoginConfigurer<HttpSecurity> saml2Login() throws Exception {
 	 * 		//IDP certificate for verification of incoming messages
 	 * 		Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
 	 * 		return RelyingPartyRegistration.withRegistrationId(registrationId)
-	 *  * 				.remoteIdpEntityId(idpEntityId)
-	 *  * 				.idpWebSsoUrl(webSsoEndpoint)
-	 *  * 				.credential(signingCredential)
-	 *  * 				.credential(idpVerificationCertificate)
-	 *  * 				.localEntityIdTemplate(localEntityIdTemplate)
-	 *  * 				.build();
-	 *	}
+	 * 				.remoteIdpEntityId(idpEntityId)
+	 * 				.idpWebSsoUrl(webSsoEndpoint)
+	 * 				.credential(signingCredential)
+	 * 				.credential(idpVerificationCertificate)
+	 * 				.localEntityIdTemplate(localEntityIdTemplate)
+	 * 				.build();
+	 * 	}
 	 * }
 	 * </pre>
 	 *
@@ -2390,19 +2678,18 @@ public Saml2LogoutConfigurer<HttpSecurity> saml2Logout() throws Exception {
 	 *
 	 * <pre>
 	 * &#064;Configuration
-	 * public class OAuth2LoginConfig {
+	 * &#064;EnableWebSecurity
+	 * public class OAuth2LoginSecurityConfig {
 	 *
-	 * 	&#064;EnableWebSecurity
-	 * 	public static class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
-	 * 		&#064;Override
-	 * 		protected void configure(HttpSecurity http) throws Exception {
-	 * 			http
-	 * 				.authorizeRequests()
-	 * 					.anyRequest().authenticated()
-	 * 					.and()
-	 * 				  .oauth2Login();
-	 *		}
-	 *	}
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+	 * 		http
+	 * 			.authorizeRequests()
+	 * 				.anyRequest().authenticated()
+	 * 				.and()
+	 * 			.oauth2Login();
+	 * 		return http.build();
+	 * 	}
 	 *
 	 *	&#064;Bean
 	 *	public ClientRegistrationRepository clientRegistrationRepository() {
@@ -2490,20 +2777,19 @@ public OAuth2LoginConfigurer<HttpSecurity> oauth2Login() throws Exception {
 	 *
 	 * <pre>
 	 * &#064;Configuration
-	 * public class OAuth2LoginConfig {
+	 * &#064;EnableWebSecurity
+	 * public class OAuth2LoginSecurityConfig {
 	 *
-	 * 	&#064;EnableWebSecurity
-	 * 	public static class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
-	 * 		&#064;Override
-	 * 		protected void configure(HttpSecurity http) throws Exception {
-	 * 			http
-	 * 				.authorizeRequests((authorizeRequests) -&gt;
-	 * 					authorizeRequests
-	 * 						.anyRequest().authenticated()
-	 * 				)
-	 * 				.oauth2Login(withDefaults());
-	 *		}
-	 *	}
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+	 * 		http
+	 * 			.authorizeRequests((authorizeRequests) -&gt;
+	 * 				authorizeRequests
+	 * 					.anyRequest().authenticated()
+	 * 			)
+	 * 			.oauth2Login(withDefaults());
+	 * 		return http.build();
+	 * 	}
 	 *
 	 *	&#064;Bean
 	 *	public ClientRegistrationRepository clientRegistrationRepository() {
@@ -2577,16 +2863,18 @@ public OAuth2ClientConfigurer<HttpSecurity> oauth2Client() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OAuth2ClientSecurityConfig extends WebSecurityConfigurerAdapter {
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * public class OAuth2ClientSecurityConfig {
+	 *
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.anyRequest().authenticated()
 	 * 			)
 	 * 			.oauth2Client(withDefaults());
-	 *	}
+	 * 		return http.build();
+	 * 	}
 	 * }
 	 * </pre>
 	 * @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
@@ -2630,13 +2918,10 @@ public OAuth2ResourceServerConfigurer<HttpSecurity> oauth2ResourceServer() throw
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class OAuth2ClientSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class OAuth2ResourceServerSecurityConfig {
 	 *
-	 * &#064;Value("${spring.security.oauth2.resourceserver.jwt.key-value}")
-	 * RSAPublicKey key;
-	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -2649,7 +2934,8 @@ public OAuth2ResourceServerConfigurer<HttpSecurity> oauth2ResourceServer() throw
 	 * 							.decoder(jwtDecoder())
 	 * 					)
 	 * 			);
-	 *	}
+	 * 		return http.build();
+	 * 	}
 	 *
 	 * 	&#064;Bean
 	 * 	public JwtDecoder jwtDecoder() {
@@ -2689,17 +2975,23 @@ public HttpSecurity oauth2ResourceServer(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class ChannelSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class ChannelSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().formLogin()
 	 * 				.and().requiresChannel().anyRequest().requiresSecure();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -2726,10 +3018,10 @@ public ChannelSecurityConfigurer<HttpSecurity>.ChannelRequestMatcherRegistry req
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class ChannelSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class ChannelSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
@@ -2740,6 +3032,17 @@ public ChannelSecurityConfigurer<HttpSecurity>.ChannelRequestMatcherRegistry req
 	 * 				requiresChannel
 	 * 					.anyRequest().requiresSecure()
 	 * 			);
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -2768,16 +3071,22 @@ public HttpSecurity requiresChannel(
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class HttpBasicSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class HttpBasicSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http.authorizeRequests().antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and().httpBasic();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -2800,16 +3109,27 @@ public HttpBasicConfigurer<HttpSecurity> httpBasic() throws Exception {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class HttpBasicSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class HttpBasicSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests((authorizeRequests) -&gt;
 	 * 				authorizeRequests
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.httpBasic(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -2834,10 +3154,10 @@ public HttpSecurity httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>> http
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class PasswordManagementSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class PasswordManagementSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.authorizeRequests(authorizeRequests -&gt;
 	 * 				authorizeRequests
@@ -2847,7 +3167,8 @@ public HttpSecurity httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>> http
 	 * 				passwordManagement
 	 * 					.changePasswordPage(&quot;/custom-change-password-page&quot;)
 	 * 			);
-	 *  }
+	 * 		return http.build();
+	 * 	}
 	 * }
 	 * </pre>
 	 * @param passwordManagementCustomizer the {@link Customizer} to provide more options
@@ -2995,10 +3316,10 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers()
 	 * 				.antMatchers(&quot;/api/**&quot;, &quot;/oauth/**&quot;)
@@ -3007,13 +3328,17 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.and()
 	 * 			.httpBasic();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth
-	 * 			.inMemoryAuthentication()
-	 * 				.withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -3023,10 +3348,10 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers()
 	 * 				.antMatchers(&quot;/api/**&quot;)
@@ -3036,13 +3361,17 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.and()
 	 * 			.httpBasic();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth
-	 * 			.inMemoryAuthentication()
-	 * 				.withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -3052,10 +3381,10 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers()
 	 * 				.antMatchers(&quot;/api/**&quot;)
@@ -3067,13 +3396,17 @@ public HttpSecurity addFilterAt(Filter filter, Class<? extends Filter> atFilter)
 	 * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 				.and()
 	 * 			.httpBasic();
+	 * 		return http.build();
 	 * 	}
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-	 * 		auth
-	 * 			.inMemoryAuthentication()
-	 * 				.withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;);
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -3106,10 +3439,10 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers((requestMatchers) -&gt;
 	 * 				requestMatchers
@@ -3120,6 +3453,17 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.httpBasic(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -3129,10 +3473,10 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers((requestMatchers) -&gt;
 	 * 				requestMatchers
@@ -3144,6 +3488,17 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.httpBasic(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
@@ -3153,10 +3508,10 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * <pre>
 	 * &#064;Configuration
 	 * &#064;EnableWebSecurity
-	 * public class RequestMatchersSecurityConfig extends WebSecurityConfigurerAdapter {
+	 * public class RequestMatchersSecurityConfig {
 	 *
-	 * 	&#064;Override
-	 * 	protected void configure(HttpSecurity http) throws Exception {
+	 * 	&#064;Bean
+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 	 * 		http
 	 * 			.requestMatchers((requestMatchers) -&gt;
 	 * 				requestMatchers
@@ -3171,6 +3526,17 @@ public RequestMatcherConfigurer requestMatchers() {
 	 * 					.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
 	 * 			)
 	 * 			.httpBasic(withDefaults());
+	 * 		return http.build();
+	 * 	}
+	 *
+	 * 	&#064;Bean
+	 * 	public UserDetailsService userDetailsService() {
+	 * 		UserDetails user = User.withDefaultPasswordEncoder()
+	 * 			.username(&quot;user&quot;)
+	 * 			.password(&quot;password&quot;)
+	 * 			.roles(&quot;USER&quot;)
+	 * 			.build();
+	 * 		return new InMemoryUserDetailsManager(user);
 	 * 	}
 	 * }
 	 * </pre>
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
index 4364968a3de..1548efdf6bd 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
@@ -42,7 +42,6 @@
 import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.web.DefaultSecurityFilterChain;
@@ -77,8 +76,7 @@
  *
  * <p>
  * Customizations to the {@link WebSecurity} can be made by creating a
- * {@link WebSecurityConfigurer}, overriding {@link WebSecurityConfigurerAdapter} or
- * exposing a {@link WebSecurityCustomizer} bean.
+ * {@link WebSecurityConfigurer} or exposing a {@link WebSecurityCustomizer} bean.
  * </p>
  *
  * @author Rob Winch
@@ -200,7 +198,7 @@ public WebSecurity debug(boolean debugEnabled) {
 	 *
 	 * <p>
 	 * Typically this method is invoked automatically within the framework from
-	 * {@link WebSecurityConfigurerAdapter#init(WebSecurity)}
+	 * {@link WebSecurityConfiguration#springSecurityFilterChain()}
 	 * </p>
 	 * @param securityFilterChainBuilder the builder to use to create the
 	 * {@link SecurityFilterChain} instances
@@ -258,7 +256,7 @@ public WebInvocationPrivilegeEvaluator getPrivilegeEvaluator() {
 
 	/**
 	 * Sets the {@link FilterSecurityInterceptor}. This is typically invoked by
-	 * {@link WebSecurityConfigurerAdapter}.
+	 * {@link WebSecurityConfiguration#springSecurityFilterChain()}.
 	 * @param securityInterceptor the {@link FilterSecurityInterceptor} to use
 	 * @return the {@link WebSecurity} for further customizations
 	 * @deprecated Use {@link #privilegeEvaluator(WebInvocationPrivilegeEvaluator)}
@@ -297,8 +295,7 @@ public WebSecurity requestRejectedHandler(RequestRejectedHandler requestRejected
 	protected Filter performBuild() throws Exception {
 		Assert.state(!this.securityFilterChainBuilders.isEmpty(),
 				() -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. "
-						+ "Typically this is done by exposing a SecurityFilterChain bean "
-						+ "or by adding a @Configuration that extends WebSecurityConfigurerAdapter. "
+						+ "Typically this is done by exposing a SecurityFilterChain bean. "
 						+ "More advanced users can invoke " + WebSecurity.class.getSimpleName()
 						+ ".addSecurityFilterChainBuilder directly");
 		int chainSize = this.ignoredRequests.size() + this.securityFilterChainBuilders.size();
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
index 1af50254c94..9d73ce7536c 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -54,10 +54,9 @@
 /**
  * Uses a {@link WebSecurity} to create the {@link FilterChainProxy} that performs the web
  * based security for Spring Security. It then exports the necessary beans. Customizations
- * can be made to {@link WebSecurity} by extending {@link WebSecurityConfigurerAdapter}
- * and exposing it as a {@link Configuration} or implementing
- * {@link WebSecurityConfigurer} and exposing it as a {@link Configuration}. This
- * configuration is imported when using {@link EnableWebSecurity}.
+ * can be made to {@link WebSecurity} by implementing {@link WebSecurityConfigurer} and
+ * exposing it as a {@link Configuration} or exposing a {@link WebSecurityCustomizer}
+ * bean. This configuration is imported when using {@link EnableWebSecurity}.
  *
  * @author Rob Winch
  * @author Keesun Baik
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
index 44a8e840216..1b2eb3fc7c6 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
@@ -25,7 +25,7 @@
 import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.PortMapper;
@@ -307,14 +307,14 @@ public void configure(B http) throws Exception {
 	/**
 	 * <p>
 	 * Specifies the URL to send users to if login is required. If used with
-	 * {@link WebSecurityConfigurerAdapter} a default login page will be generated when
-	 * this attribute is not specified.
+	 * {@link EnableWebSecurity} a default login page will be generated when this
+	 * attribute is not specified.
 	 * </p>
 	 *
 	 * <p>
 	 * If a URL is specified or this is not being used in conjunction with
-	 * {@link WebSecurityConfigurerAdapter}, users are required to process the specified
-	 * URL to generate a login page.
+	 * {@link EnableWebSecurity}, users are required to process the specified URL to
+	 * generate a login page.
 	 * </p>
 	 */
 	protected T loginPage(String loginPage) {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
index 95bea02fcf5..503851628d1 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,7 +22,7 @@
 import javax.servlet.http.HttpServletRequest;
 
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
 import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
@@ -30,7 +30,7 @@
 
 /**
  * Adds a Filter that will generate a login page if one is not specified otherwise when
- * using {@link WebSecurityConfigurerAdapter}.
+ * using {@link EnableWebSecurity}.
  *
  * <p>
  * By default an
@@ -64,7 +64,7 @@
  *
  * @author Rob Winch
  * @since 3.2
- * @see WebSecurityConfigurerAdapter
+ * @see EnableWebSecurity
  */
 public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>>
 		extends AbstractHttpConfigurer<DefaultLoginPageConfigurer<H>, H> {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
index 32db2e8f16b..861288c2a5a 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2013 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
 
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler;
 import org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler;
@@ -84,15 +84,15 @@ public FormLoginConfigurer() {
 	/**
 	 * <p>
 	 * Specifies the URL to send users to if login is required. If used with
-	 * {@link WebSecurityConfigurerAdapter} a default login page will be generated when
-	 * this attribute is not specified.
+	 * {@link EnableWebSecurity} a default login page will be generated when this
+	 * attribute is not specified.
 	 * </p>
 	 *
 	 * <p>
 	 * If a URL is specified or this is not being used in conjunction with
-	 * {@link WebSecurityConfigurerAdapter}, users are required to process the specified
-	 * URL to generate a login page. In general, the login page should create a form that
-	 * submits a request with the following requirements to work with
+	 * {@link EnableWebSecurity}, users are required to process the specified URL to
+	 * generate a login page. In general, the login page should create a form that submits
+	 * a request with the following requirements to work with
 	 * {@link UsernamePasswordAuthenticationFilter}:
 	 * </p>
 	 *
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
index bd20c509536..3caa6e2d7e6 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,7 +26,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.header.HeaderWriter;
 import org.springframework.security.web.header.HeaderWriterFilter;
 import org.springframework.security.web.header.writers.CacheControlHeadersWriter;
@@ -50,7 +50,7 @@
 /**
  * <p>
  * Adds the Security HTTP headers to the response. Security HTTP headers is activated by
- * default when using {@link WebSecurityConfigurerAdapter}'s default constructor.
+ * default when using {@link EnableWebSecurity}'s default constructor.
  * </p>
  *
  * <p>
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
index ad4e1c082ba..0fd48f181df 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
@@ -22,10 +22,8 @@
 import org.springframework.context.ApplicationContext;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.RememberMeAuthenticationProvider;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@@ -150,13 +148,10 @@ public RememberMeConfigurer<H> useSecureCookie(boolean useSecureCookie) {
 
 	/**
 	 * Specifies the {@link UserDetailsService} used to look up the {@link UserDetails}
-	 * when a remember me token is valid. The default is to use the
-	 * {@link UserDetailsService} found by invoking
-	 * {@link HttpSecurity#getSharedObject(Class)} which is set when using
-	 * {@link WebSecurityConfigurerAdapter#configure(AuthenticationManagerBuilder)}. When
-	 * using a {@link org.springframework.security.web.SecurityFilterChain} bean, the
-	 * default is to look for a {@link UserDetailsService} bean. Alternatively, one can
-	 * populate {@link #rememberMeServices(RememberMeServices)}.
+	 * when a remember me token is valid. When using a
+	 * {@link org.springframework.security.web.SecurityFilterChain} bean, the default is
+	 * to look for a {@link UserDetailsService} bean. Alternatively, one can populate
+	 * {@link #rememberMeServices(RememberMeServices)}.
 	 * @param userDetailsService the {@link UserDetailsService} to configure
 	 * @return the {@link RememberMeConfigurer} for further customization
 	 * @see AbstractRememberMeServices
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
index b557664d4d0..3309734cf0c 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
@@ -24,13 +24,11 @@
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
 import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
@@ -144,10 +142,7 @@ public X509Configurer<H> userDetailsService(UserDetailsService userDetailsServic
 
 	/**
 	 * Specifies the {@link AuthenticationUserDetailsService} to use. If not specified,
-	 * the shared {@link UserDetailsService} will be used to create a
-	 * {@link UserDetailsByNameServiceWrapper}. If a {@link SecurityFilterChain} bean is
-	 * used instead of the {@link WebSecurityConfigurerAdapter}, then the
-	 * {@link UserDetailsService} bean will be used by default.
+	 * then the {@link UserDetailsService} bean will be used by default.
 	 * @param authenticationUserDetailsService the
 	 * {@link AuthenticationUserDetailsService} to use
 	 * @return the {@link X509Configurer} for further customizations
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
index 0d618ce01e8..5acc17bcf31 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,7 +31,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
 import org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer;
 import org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer;
@@ -61,29 +61,29 @@
  * <h2>Example Configuration</h2>
  *
  * <pre>
- *
  * &#064;Configuration
  * &#064;EnableWebSecurity
- * public class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
+ * public class OpenIDLoginConfig {
  *
- * 	&#064;Override
- * 	protected void configure(HttpSecurity http) {
+ * 	&#064;Bean
+ * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
  * 		http
  * 			.authorizeRequests()
  * 				.antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
  * 				.and()
  * 			.openidLogin()
  * 				.permitAll();
+ * 		return http.build();
  * 	}
  *
- * 	&#064;Override
- * 	protected void configure(AuthenticationManagerBuilder auth)(
- * 			AuthenticationManagerBuilder auth) throws Exception {
- * 		auth
- * 			.inMemoryAuthentication()
- * 				.withUser(&quot;https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU&quot;)
- * 					.password(&quot;password&quot;)
- * 					.roles(&quot;USER&quot;);
+ * 	&#064;Bean
+ * 	public UserDetailsService userDetailsService() {
+ * 		UserDetails user = User.withDefaultPasswordEncoder()
+ * 			.username(&quot;https://www.google.com/accounts/o8/id?id=lmkCn9xzPdsxVwG7pjYMuDgNNdASFmobNkcRPaWU&quot;)
+ * 			.password(&quot;password&quot;)
+ * 			.roles(&quot;USER&quot;)
+ * 			.build();
+ * 		return new InMemoryUserDetailsManager(user);
  * 	}
  * }
  * </pre>
@@ -229,14 +229,14 @@ public OpenIDLoginConfigurer<H> loginProcessingUrl(String loginProcessingUrl) {
 	/**
 	 * <p>
 	 * Specifies the URL to send users to if login is required. If used with
-	 * {@link WebSecurityConfigurerAdapter} a default login page will be generated when
-	 * this attribute is not specified.
+	 * {@link EnableWebSecurity} a default login page will be generated when this
+	 * attribute is not specified.
 	 * </p>
 	 *
 	 * <p>
 	 * If a URL is specified or this is not being used in conjunction with
-	 * {@link WebSecurityConfigurerAdapter}, users are required to process the specified
-	 * URL to generate a login page.
+	 * {@link EnableWebSecurity}, users are required to process the specified URL to
+	 * generate a login page.
 	 * </p>
 	 *
 	 * <ul>