Deprecated WebSecurityConfigurerAdapter - KeyCloak section

Question

Deprecated WebSecurityConfigurerAdapter - KeyCloak section

ntn0de opened this issue a year ago · comments

Having trouble signing in on eureka web. Seems like they have deprecated WebSecurityConfigurerAdapter
https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter

ntn0de · Answer 1 · Tue Jan 31 2023 14:00:37 GMT+0800 (China Standard Time)

Changed the following:

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${app.eureka.username}")
    private String username;
    @Value("${app.eureka.password}")
    private String password;

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .passwordEncoder(NoOpPasswordEncoder.getInstance())
                .withUser(username).password(password)
                .authorities("USER");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests().anyRequest()
                .authenticated()
                .and()
                .httpBasic();
    }
}

TO

@Configuration
@EnableWebSecurity
public class SecurityConfig {
    @Value("${app.eureka.username")
    private String username;
    @Value("${app.eureka.password")
    private String password;

    @Bean
    public InMemoryUserDetailsManager userDetailsService() {
        UserDetails user = User.withDefaultPasswordEncoder()
                .username(username)
                .password(password)
                .authorities("USER")
                .build();
        return new InMemoryUserDetailsManager(user);
    }


    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable()
                .authorizeHttpRequests((auth) -> auth
                        .anyRequest().authenticated()
                )
                .httpBasic(withDefaults());
        return httpSecurity.build();
    }
}

Not sure What I am doing wrong.
When I try to open http://localhost:8080/eureka/web prompt with login , on inputting the creds, it's still unauthorized.

Ian Githua · Answer 2 · Wed Feb 08 2023 21:28:49 GMT+0800 (China Standard Time)

Change the application properties from

app.eureka.username=eureka
app.eureka.password=password

To

spring.security.user.name=eureka
spring.security.user.password=password

Andres Hoyos Garcia · Answer 3 · Sun Feb 19 2023 07:37:40 GMT+0800 (China Standard Time)

Check your user and password @value properties, they are lacking a curly brace!

Sai Subramanyam Upadhyayula · Answer 4 · Wed Mar 01 2023 06:54:51 GMT+0800 (China Standard Time)

Check your user and password @value properties, they are lacking a curly brace!

The repository will soon be updated with latest Spring Boot & Spring Security Changes, the above comment answers the question regarding the problem with login

ntn0de · Answer 5 · Wed Mar 01 2023 13:29:56 GMT+0800 (China Standard Time)

Thanks @andyholes , Such a silly ignorance by me.
Thanks @iangithua for the input.
Thanks @SaiUpadhyayula for the great tutorial, looking forward to more from you!!