Skip to content

Configure HTTP Security without extending WebSecurityConfigurerAdapter #8804

New issue
New issue
Closed
#8805
Closed
Configure HTTP Security without extending WebSecurityConfigurerAdapter#8804
#8805
Assignees
eleftherias
Labels
in: webAn issue in web modules (web, webmvc)type: enhancementA general enhancement
Milestone
 
5.4.0-RC1
@eleftherias

Description

@eleftherias
eleftherias
opened on Jul 7, 2020

Expected Behavior

Similar to the WebFlux security configuration, we should add the capability to configure HTTP Security by registering a SecurityFilterChain bean, in Servlet applications.

@Bean
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
	return http
			.antMatcher("/**")
			.authorizeRequests(authorize -> authorize
					.anyRequest().authenticated()
			)
			.build();
}

Current Behavior

The equivalent configuration by extending the WebSecurityConfigurerAdapter looks like this

@Configuration
static class SecurityConfig extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http
			.antMatcher("/**")
			.authorizeRequests(authorize -> authorize
					.anyRequest().authenticated()
			);
	}
}

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)type: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions