I was using spring boot application running on version 2.x.x, now planning to upgrade the version to 3.3.0. But its throwing below error. My configuration file is as shown below but its not working, can someone please help me on this.
import com.connect.bytr.api.constants.BYTRConstants;
import com.connect.bytr.api.filters.AuthenticationFilter;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import javax.servlet.http.HttpServletResponse;
@RequiredArgsConstructor
@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig {
private final AuthenticationFilter authenticationFilter;
private final String[] AUTH_WHITELIST = {
"/v2/api-docs",
"/configuration/ui",
"/configuration/security",
"/webjars/**"
};
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf()
.disable()
.authorizeRequests()
.antMatchers(AUTH_WHITELIST)
.permitAll()
.anyRequest()
.authenticated()
.and()
.exceptionHandling()
.authenticationEntryPoint(unauthorizedEntryPoint())
.and()
.addFilterBefore(authenticationFilter, BasicAuthenticationFilter.class);
return http.build();
}
@Bean
public AuthenticationEntryPoint unauthorizedEntryPoint() {
return (request, response, authException) ->
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, BYTRConstants.UNAUTHORIZED);
}
}
Below is the error log
warning: [removal] and() in
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry has been deprecated and marked for removal
.anyRequest().authenticated().and()
warning: [removal] exception
Handling() in HttpSecurity has been deprecated and marked for removal
.exceptionHandling()
warning: [removal] and() in
SecurityConfigurerAdapter has been deprecated and marked for removal
.and()
Please help me on this thank you in advance.