Both `@EnableGlobalMethodSecurity` & extending `WebSecurityConfigurerAdapter` have been deprecated. Also there's encouragement to adopt the `HttpSecurity` lambda ds.l

varadvk / jwt-youtube

7 stars 9 forks source link

Both `@EnableGlobalMethodSecurity` & extending `WebSecurityConfigurerAdapter` have been deprecated. Also there's encouragement to adopt the `HttpSecurity` lambda ds.l #2

Open edugreat opened 1 year ago

edugreat commented 1 year ago

The spring core team has encouraged the use of component based configurations as extending WebSecurityConfigurerAdapter has been deprecated. Also @EnableGlobalMethodSecurity has been replaced by @EnableMethodSecurity

edugreat commented 1 year ago

There may be a case of cyclic dependency after applying this change. To get around with that, I simply lazy load the bean AuthenticationManager in the JwtService using constructor injection.


@Autowired
public JwtService(/* other dependencies */ ,@Lazy AuthenticationManager authenticationManager) {
    // Your code here
}