marcusdacoregio
commented
10 months ago Hi, @Vijay-Lee. I'm not sure if I understood what the problem is. Is it that the version does not match the branch of is it something related to the deprecation?
Closed Vijay-Lee closed 10 months ago
marcusdacoregio
commented
10 months ago Hi, @Vijay-Lee. I'm not sure if I understood what the problem is. Is it that the version does not match the branch of is it something related to the deprecation?
Vijay-Lee
commented
10 months ago Dear @marcusdacoregio ,thanks for your reply! My problem is that the version does not match the branch. I would like to see how JWT certification is implemented, based on version 6.2.0,but I can't find an example.
marcusdacoregio
commented
10 months ago This sample is using Spring Security 6.2.0 via Spring Boot 3.2.0, you can check the versions here
The branch is 6.2.x, but the dependency is 6.1.1。 the address is spring/security-samples/servlet/spring-boot/java/jwt/login/gradle.properties。 The dependency version I introduced was spring-security:6.2.0,I then wrote the JWT certification based on the example,but
org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer#jwt()Has been marked as deprecated。Here's my code@Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { // @formatter:off http .authorizeHttpRequests((authorize) -> authorize .anyRequest().authenticated() ) .csrf((csrf) -> csrf.ignoringRequestMatchers("/token")) .httpBasic(Customizer.withDefaults()) .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .exceptionHandling((exceptions) -> exceptions .authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint()) .accessDeniedHandler(new BearerTokenAccessDeniedHandler()) ); // @formatter:on return http.build(); }