Spring Security without WebSecurityConfigurerAdapter | Together Java | Page 1

nimble plumeBOT Aug 11, 2023, 1:04 PM

#

<@&1004656351647117403> please have a look, thanks.

nimble plumeBOT Aug 11, 2023, 1:04 PM

#

nimble plume <@&1004656351647117403> please have a look, thanks.

#

While you are waiting for getting help, here are some tips to improve your experience:

Code is much easier to read if posted with syntax highlighting and proper formatting.

If nobody is calling back, that usually means that your question was not well asked and hence nobody feels confident enough answering. Try to use your time to elaborate, provide details, context, more code, examples and maybe some screenshots. With enough info, someone knows the answer for sure.

Don't forget to close your thread using the command </help-thread close:1027500463647621170> when your question has been answered, thanks.

olive storm Aug 11, 2023, 1:05 PM

#

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    protected SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        return http
                .csrf((csrf) -> csrf.disable())
                .cors((cors) -> cors.disable())
                .authorizeHttpRequests(
                        (authorizationManagerRequestMatchers -> authorizationManagerRequestMatchers
                                .requestMatchers(HttpMethod.GET, "/", "/open").permitAll()
                                .requestMatchers(HttpMethod.GET, "/secure").hasAnyRole("ADMIN", "USER"))
                ).sessionManagement((sessionManagement) -> sessionManagement
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .build();
    }

    @Bean
    public PasswordEncoder encoder() {
        return NoOpPasswordEncoder.getInstance();
    }

    @Bean
    public UserDetailsService userDetailsService() {
        UserDetails user = User.builder()
                .username("user")
                .password("password")
                .roles("USER")
                .build();
        return new InMemoryUserDetailsManager(user);
    }
}

nimble plumeBOT Aug 11, 2023, 1:05 PM

#

olive storm ```java @Configuration @EnableWebSecurity public class SecurityConfig { @Be...

Detected code, here are some useful tools:

Formatted code

@Configuration
@EnableWebSecurity
public class SecurityConfig {
  @Bean
  protected SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    return http.csrf((csrf) -> csrf.disable()).cors((cors) -> cors.disable()).authorizeHttpRequests((authorizationManagerRequestMatchers -> authorizationManagerRequestMatchers.requestMatchers(HttpMethod.GET, "/", "/open").permitAll().requestMatchers(HttpMethod.GET, "/secure").hasAnyRole("ADMIN", "USER"))).sessionManagement((sessionManagement) -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)).build();
  }
  @Bean
  public PasswordEncoder encoder() {
    return NoOpPasswordEncoder.getInstance();
  }
  @Bean
  public UserDetailsService userDetailsService() {
    UserDetails user = User.builder().username("user").password("password").roles("USER").build();
    return new InMemoryUserDetailsManager(user);
  }
}

olive storm Aug 11, 2023, 1:06 PM

#

#

I think error one of these methods

@Bean
  public PasswordEncoder encoder() {
    return NoOpPasswordEncoder.getInstance();
  }
  @Bean
  public UserDetailsService userDetailsService() {
    UserDetails user = User.builder().username("user").password("password").roles("USER").build();
    return new InMemoryUserDetailsManager(user);
  }
}

#

https://stackoverflow.com/questions/76883965/spring-security-without-websecurityconfigureradapter

Stack Overflow

Spring Security without WebSecurityConfigurerAdapter

I wrote code, run it, but when i send request in Postman i get 403 Error
enter image description here
enter image description here
I look for all sites, but i didnt find answers I used those links...

warm venture Aug 11, 2023, 2:26 PM

#

👀

#

hey

#

where is the question?

#Spring Security without WebSecurityConfigurerAdapter