1

this is my code and in order to avoid WebSecurityConfigurerAdapter I used SecuirtyFilterChain and UserDetailsService. Now I'm getting an error for the User.Builder() that can not be defined "The method builder() is undefined for the type User". I have checked many youtube videos and i even downloaded Lombok but not of it were useful.

package com.configuration;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

import com.model.User;

@Configuration
public class SecurityConfig {
      @SuppressWarnings({ "deprecation", "removal" })
      @Bean
        public SecurityFilterChain configure(HttpSecurity http) throws Exception {
  
            http
            .csrf().disable()
            .authorizeRequests()
            .requestMatchers(HttpMethod.GET).permitAll()
            .anyRequest().authenticated()
            .and()
            .httpBasic();
        return http.build();
      }
  @Bean
  public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
  }

  @Bean
  public UserDetailsService users() {
    UserDetails user = User.builder()
        .username("user")
        .password("pass")
        .roles("USER")
        .build();
    return new InMemoryUserDetailsManager(user);
  }



}

I could not extend WebSecurityConfigurerAdapter so in that case i start using SecuirtyFilterChain and UserDetailsService since it was announced over spring boot website that can be a good alternative but no matter what i try it will still give errors.

Improve this question

2 Answers 2

Reset to default
2

In your .httpBasic() add next one param something like this .httpBasic(Customizer.withDefaults())

SecurityFilterChain will look so, nothing hard:

  @Bean
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

      http
          .csrf(AbstractHttpConfigurer::disable);
      http
          .cors(AbstractHttpConfigurer::disable);
          http.authorizeHttpRequests(request -> {
            request.requestMatchers(HttpMethod.GET).permitAll();
            request.anyRequest().authenticated();
              });
          http.httpBasic(Customizer.withDefaults());
      return http.build();
    }

And also you should to have a look here Migration

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

maybe try using withDefaultPasswordEncoder() instead of builder(). and you must add the @EnableWebSecurity annotation to enable the web securities defined by WebSecurityConfigurerAdapter.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.