Spring Security 6: cors() is deprecated and marked for removal
php editor Yuzai tells you an important news: in Spring Security version 6, the cors() method has been deprecated and marked for deletion. The cors() method is used to handle the configuration of cross-domain resource sharing. However, in the new version, the Spring Security team decided to remove this method and introduce a more powerful cross-domain solution. This change is an important change for developers who use Spring Security, and they need to understand and upgrade their code in a timely manner to adapt to the changes in the new version.
Question content
I have the following code:
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http
.httpBasic().disable()
.cors().and().csrf().disable()
.authorizeHttpRequests()
.requestMatchers("/register")
.permitAll()
.and()
.authorizeHttpRequests()
.requestMatchers("/users")
.hasAnyAuthority("USER", "ADMIN")
.and().formLogin().and().build();
}Please help me make this feature work
Workaround
According to the Migration Guide and additionally configure to the latest version, securityfilterchain should have the next body.
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
return http.csrf(AbstractHttpConfigurer::disable)
.cors(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(request -> {
request.requestMatchers("/register").permitAll();
request.requestMatchers("/users")
.hasAnyAuthority("USER", "ADMIN");
}).formLogin(Customizer.withDefaults()).build();
}Please also read/check the above documentation reference. By the way, there are a lot of posts here on Stack Overflow about migrating to the latest version of the framework.
The above is the detailed content of Spring Security 6: cors() is deprecated and marked for removal. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Spring Security 6: cors() is deprecated and marked for removal
Feb 10, 2024 pm 11:45 PM
I have the following code: publicSecurityFilterChainsecurityFilterChain(HttpSecurityhttp)throwsException{returnhttp.httpBasic().disable().cors().and().csrf().disable().authorizeHttpRequests().requestMatchers("
How to develop a Spring Security SAML-based single sign-on system using Java
Sep 22, 2023 am 08:49 AM
How to use Java to develop a single sign-on system based on SpringSecuritySAML Introduction: With the rapid development of the Internet, more and more applications are developed. In these applications, user login is one of the most common features. However, for enterprise-level applications, users need to log in in multiple systems, which will lead to a very poor user login experience. In order to solve this problem, the single sign-on system (SingleSign-On, referred to as SSO) came into being. simple
Do C++ lambda expressions support recursion?
Apr 17, 2024 pm 09:06 PM
Yes, C++ Lambda expressions can support recursion by using std::function: Use std::function to capture a reference to a Lambda expression. With a captured reference, a Lambda expression can call itself recursively.
Golang+CGO using ucontext crashes (intentionally) with SIGSEGV or SIGTRAP when using different stacks
Feb 09, 2024 pm 12:15 PM
I'm currently writing a Golang+CGO program and will be using posixucontext in CGO. Since all my core logic will be in ucontext's bind function, we should catch all errors in the code. I tested it by accessing a null pointer, which gave me completely different behavior, all depending on the stack location used by the ucontext. Below are more details with simplified examples. If I allocate the ucontext stack on the thread's stack, it triggers SIGSEGV. But if I allocate it on the heap, it triggers SIGSEGV first and then SIGT when morestack_noctxt is called
Why does c++ crash when it starts executing?
Apr 22, 2024 pm 05:57 PM
Reasons for a C++ program to crash when starting include: missing required libraries or dependencies, uninitialized pointers or reference stack overflows, segfaults, operating system configuration issues, program errors, hardware issues
How to solve C++ runtime error: 'stack overflow'?
Aug 25, 2023 pm 10:00 PM
How to solve the C++ runtime error: 'stackoverflow' In a C++ program, when the recursion level is too deep or the memory used by the program exceeds the stack capacity, a runtime error "stackoverflow" will occur. When this error occurs, the program crashes, and it is difficult to identify the specific cause. This article will introduce some ways to solve 'stackoverflow' errors and provide some code examples. The main cause of the runtime error "stackoverflow" is that within the stack
GO authenticate access token (keycloak)
Feb 09, 2024 am 09:30 AM
I'm trying to implement access token validation using GO. But the examples I've seen online seem to just use TOKEN_SECRET to verify it. But I'm used to programming in Javaspring and don't need to use TOKEN_SECRET. I just provide the jwk-set-uri and it checks for validity (auto-security filters etc.) and I know it talks to the oauth server and does this validation. Is there no library in Go to check if the token is valid by making a request to the oauth server? I know I know I can do this manually by making a request to the oauth server's userinfo endpoint: http://localh
Recursive implementation of C++ functions: Comparative analysis of recursive and non-recursive algorithms?
Apr 22, 2024 pm 03:18 PM
The recursive algorithm solves structured problems through function self-calling. The advantage is that it is simple and easy to understand, but the disadvantage is that it is less efficient and may cause stack overflow. The non-recursive algorithm avoids recursion by explicitly managing the stack data structure. The advantage is that it is more efficient and avoids the stack. Overflow, the disadvantage is that the code may be more complex. The choice of recursive or non-recursive depends on the problem and the specific constraints of the implementation.