0

this is my code and in order to avoid WebSecurityConfigurerAdapter I used SecuirtyFilterChain and UserDetailsService. Now I'm getting an error for the User.Builder() that can not be defined "The method builder() is undefined for the type User". I have checked many youtube videos and i even downloaded Lombok but not of it were useful.

package com.configuration;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

import com.model.User;

@Configuration
public class SecurityConfig {
      @SuppressWarnings({ "deprecation", "removal" })
      @Bean
        public SecurityFilterChain configure(HttpSecurity http) throws Exception {
  
            http
            .csrf().disable()
            .authorizeRequests()
            .requestMatchers(HttpMethod.GET).permitAll()
            .anyRequest().authenticated()
            .and()
            .httpBasic();
        return http.build();
      }
  @Bean
  public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
  }

  @Bean
  public UserDetailsService users() {
    UserDetails user = User.builder()
        .username("user")
        .password("pass")
        .roles("USER")
        .build();
    return new InMemoryUserDetailsManager(user);
  }



}

I could not extend WebSecurityConfigurerAdapter so in that case i start using SecuirtyFilterChain and UserDetailsService since it was announced over spring boot website that can be a good alternative but no matter what i try it will still give errors.

Anonymous
  • 3
  • 2

2 Answers2

0

In your .httpBasic() add next one param something like this .httpBasic(Customizer.withDefaults())

SecurityFilterChain will look so, nothing hard:

  @Bean
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

      http
          .csrf(AbstractHttpConfigurer::disable);
      http
          .cors(AbstractHttpConfigurer::disable);
          http.authorizeHttpRequests(request -> {
            request.requestMatchers(HttpMethod.GET).permitAll();
            request.anyRequest().authenticated();
              });
          http.httpBasic(Customizer.withDefaults());
      return http.build();
    }

And also you should to have a look here Migration

Andrei Lisa
  • 1,361
  • 3
  • 11
0

maybe try using withDefaultPasswordEncoder() instead of builder(). and you must add the @EnableWebSecurity annotation to enable the web securities defined by WebSecurityConfigurerAdapter.

Kabil
  • 79
  • 1
  • 8