-
Classes Class Description org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter Use aSecurityFilterChain
Bean to configureHttpSecurity
or aWebSecurityCustomizer
Bean to configureWebSecurity
.@Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http .authorizeHttpRequests((authz) -> authz.anyRequest().authenticated() ); // ... return http.build(); } @Bean public WebSecurityCustomizer webSecurityCustomizer() { return (web) -> web.ignoring().antMatchers("/resources/**"); }
See the Spring Security without WebSecurityConfigurerAdapter for more details.org.springframework.security.config.annotation.web.configurers.oauth2.client.ImplicitGrantConfigurer It is not recommended to use the implicit flow due to the inherent risks of returning access tokens in an HTTP redirect without any confirmation that it has been received by the client. See reference OAuth 2.0 Implicit Grant.org.springframework.security.config.annotation.web.configurers.openid.OpenIDLoginConfigurer The OpenID 1.0 and 2.0 protocols have been deprecated and users are encouraged to migrate to OpenID Connect, which is supported byspring-security-oauth2
.org.springframework.security.config.annotation.web.servlet.configuration.WebMvcSecurityConfiguration This is applied internally using SpringWebMvcImportSelector
-
Annotation Types Annotation Type Description org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity Use EnableWebSecurity instead which will automatically add the Spring MVC related Security items.