Spring Security 6.x
Categories
Composite Recipes
Recipes that include further recipes, often including the individual recipes below.
- Migrate to Spring Security 6.0
- Migrate to Spring Security 6.1
- Migrate to Spring Security 6.2
- Migrate to Spring Security 6.3
- Migrate to Spring Security 6.4
Recipes
- Convert
HttpSecurity::applychained calls intoHttpSecurity::withLambda DSL - Keep the default RequestCache querying behavior in Spring Security 5
- Remove calls matching
AuthenticationEntryPointFailureHandler.setRethrowAuthenticationServiceException(true) - Remove explicit
SecurityContextConfigurer.requireExplicitSave(true)opt-in - Remove explicit configuration of SHA-256 as encoding and matching algorithm for
TokenBasedRememberMeServices - Remove the
useAuthorizationManager=trueattribute from@EnableReactiveMethodSecurity - Remove unnecessary
filterSecurityInterceptorOncePerRequest(false)when upgrading to Spring Security 6 - Remove unnecessary
use-authorization-managerfor message security in Spring security 6 - Remove unneeded
oauth2Loginconfig when upgrading to Spring Security 6