Updated to Spring Security 5.7.3 - resolved deprecated code

Author: darbyluv2code

07-spring-security-5/solution-code-spring-security-demo-07-user-roles-display-content-based-on-roles/pom.xml

@@ -3,15 +3,15 @@
 <modelVersion>4.0.0</modelVersion>
 
 <groupId>com.luv2code</groupId>
-<artifactId>spring-security-demo</artifactId>
+<artifactId>spring-security-demo-07-user-roles-display-content-based-on-roles</artifactId>
 <version>1.0</version>
 <packaging>war</packaging>
 
-<name>spring-security-demo</name>
+<name>spring-security-demo-07-user-roles-display-content-based-on-roles</name>
 
 <properties>
-<springframework.version>5.0.17.RELEASE</springframework.version>
-<springsecurity.version>5.0.0.RELEASE</springsecurity.version>
+<springframework.version>5.3.22</springframework.version>
+<springsecurity.version>5.7.3</springsecurity.version>
 
 <maven.compiler.source>1.8</maven.compiler.source>
 <maven.compiler.target>1.8</maven.compiler.target>

07-spring-security-5/solution-code-spring-security-demo-07-user-roles-display-content-based-on-roles/src/main/java/com/luv2code/springsecurity/demo/config/DemoSecurityConfig.java

@@ -1,53 +1,70 @@
+
 package com.luv2code.springsecurity.demo.config;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.User.UserBuilder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
-public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
-
-@Override
-protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-
-// add our users for in memory authentication
-
-UserBuilder users = User.withDefaultPasswordEncoder();
-
-auth.inMemoryAuthentication()
-.withUser(users.username("john").password("test123").roles("EMPLOYEE"))
-.withUser(users.username("mary").password("test123").roles("EMPLOYEE", "MANAGER"))
-.withUser(users.username("susan").password("test123").roles("EMPLOYEE", "ADMIN"));
-}
+public class DemoSecurityConfig {
 
-@Override
-protected void configure(HttpSecurity http) throws Exception {
+ @Bean
+ public InMemoryUserDetailsManager userDetailsService() {
+ 
+ UserDetails john = User.builder()
+ .username("john")
+ .password("{noop}test123")
+ .roles("EMPLOYEE")
+ .build();
 
-http.authorizeRequests()
-.antMatchers("/").hasRole("EMPLOYEE")
-.antMatchers("/leaders/**").hasRole("MANAGER")
-.antMatchers("/systems/**").hasRole("ADMIN")
-.and()
-.formLogin()
-.loginPage("/showMyLoginPage")
-.loginProcessingUrl("/authenticateTheUser")
-.permitAll()
-.and()
-.logout().permitAll()
-.and()
-.exceptionHandling().accessDeniedPage("/access-denied");
-
-}
-
-}
+ UserDetails mary = User.builder()
+ .username("mary")
+ .password("{noop}test123")
+ .roles("EMPLOYEE", "MANAGER")
+ .build();
 
+ UserDetails susan = User.builder()
+ .username("susan")
+ .password("{noop}test123")
+ .roles("EMPLOYEE", "MANAGER", "ADMIN")
+ .build();
+ 
+ return new InMemoryUserDetailsManager(john, mary, susan);
+ 
+ }
 
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ 
+ return http
+ .authorizeRequests(configurer ->
+ configurer
+	.antMatchers("/").hasRole("EMPLOYEE")
+	.antMatchers("/leaders/**").hasRole("MANAGER")
+	.antMatchers("/systems/**").hasRole("ADMIN"))
 
+ .formLogin(configurer ->
+ configurer
+ .loginPage("/showMyLoginPage")
+ .loginProcessingUrl("/authenticateTheUser")
+ .permitAll())
 
+ .logout(configurer -> 
+ configurer
+	.permitAll())
 
+ .exceptionHandling(configurer ->
+ configurer
+	.accessDeniedPage("/access-denied"))
 
+ .build();
+ 
+ }
+ 
+}