import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
* @param password password
*/
public WebSecurityConfig(
- @Autowired @Value("${permit-uri}") final String permitUris,
+ @Autowired @Value("${security.permit-uri}") final String permitUris,
@Autowired @Value("${security.auth.username}") final String username,
@Autowired @Value("${security.auth.password}") final String password
) {
@SuppressWarnings("squid:S4502")
public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {
http
- .httpBasic()
- .and()
- .authorizeHttpRequests()
- .requestMatchers(permitUris).permitAll()
- .anyRequest().authenticated()
- .and()
- .csrf().disable();
+ .httpBasic(httpBasicCustomizer -> {})
+ .authorizeHttpRequests(authorizeHttpRequestsCustomizer -> {
+ authorizeHttpRequestsCustomizer.requestMatchers(permitUris).permitAll();
+ authorizeHttpRequestsCustomizer.anyRequest().authenticated();
+ })
+ .csrf(AbstractHttpConfigurer::disable);
return http.build();
}
/**
* In memory user authentication details.
*
- * @return in memory authetication
+ * @return in memory authentication
*/
@Bean
public InMemoryUserDetailsManager userDetailsService() {
Code Review / cps.git / blobdiff