In Spring Security 5.4 we introduced the ability to configure HttpSecurity by creating a SecurityFilterChain bean.
WebSecurityConfigurerAdapter
를 class에 상속Below is an example configuration using the WebSecurityConfigurerAdapter that secures all endpoints with HTTP Basic:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authz) -> authz
.anyRequest().authenticated()
)
.httpBasic(withDefaults());
}
}
SecurityFilterChain
bean을 등록Going forward, the recommended way of doing this is registering a SecurityFilterChain bean:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authz) -> authz
.anyRequest().authenticated()
)
.httpBasic(withDefaults());
}
}