Skip to main content

Want to learn about OpenRewrite directly from the team? Sign up for a free training session.

GitHub Slack Discord Moderne

OpenRewrite by Moderne | Large Scale Automated Refactoring
Running Recipes
Authoring Recipes
Recipe catalog
Reference
Lists
Concepts & explanations
Changelog
Licensing

Recipe catalog
Java
Spring
Spring Security 6.x

Spring Security 6.x

Categories

Oauth2

Composite Recipes

Recipes that include further recipes, often including the individual recipes below.

Migrate to Spring Security 6.0
Migrate to Spring Security 6.1
Migrate to Spring Security 6.2
Migrate to Spring Security 6.3
Migrate to Spring Security 6.4
Migrate to Spring Security 6.4
Migrate to Spring Security 6.5
Migrate to Spring Security 6.5

Recipes

Convert HttpSecurity::apply chained calls into HttpSecurity::with Lambda DSL
Keep the default RequestCache querying behavior in Spring Security 5
Migrate antPathRequestMatcher to pathPatternRequestMatcher
Remove calls matching AuthenticationEntryPointFailureHandler.setRethrowAuthenticationServiceException(true)
Remove explicit SecurityContextConfigurer.requireExplicitSave(true) opt-in
Remove explicit configuration of SHA-256 as encoding and matching algorithm for TokenBasedRememberMeServices
Remove the useAuthorizationManager=true attribute from @EnableReactiveMethodSecurity
Remove unnecessary filterSecurityInterceptorOncePerRequest(false) when upgrading to Spring Security 6
Remove unnecessary use-authorization-manager for message security in Spring security 6
Remove unneeded oauth2Login config when upgrading to Spring Security 6

Spring Security 5.4 introduces the ability to configure `HttpSecurity` by creating a `SecurityFilterChain` bean

Convert `HttpSecurity::apply` chained calls into `HttpSecurity::with` Lambda DSL

Categories
Composite Recipes
Recipes

© Moderne, 2025