In Spring Security 6, defaults use-authorization-manager to true. So, the 'use-authorization-manager' attribute for message security is no longer needed and can be removed.
This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-spring:5.7.0 in your build file or by running a shell command (in which case no build changes are needed):
---type:specs.openrewrite.org/v1beta/recipename:org.openrewrite.java.spring.security6.RemoveUseAuthorizationManagerdisplayName:Remove unnecessary `use-authorization-manager` for message security in Spring security 6description: In Spring Security 6, <websocket-message-broker> defaults use-authorization-manager to true. So, the 'use-authorization-manager' attribute for message security is no longer needed and can be removed.
tags: - spring - securityrecipeList: - org.openrewrite.xml.ChangeTagAttribute:elementName:websocket-message-brokerattributeName:use-authorization-manageroldValue:true
See how this recipe works across multiple open-source repositories
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.