2 年之前 · 456419bff0
--- a/servlet/java-configuration/authentication/preauth/build.gradle
+++ b/servlet/java-configuration/authentication/preauth/build.gradle
@@ -1,7 +1,7 @@
 
				 plugins {
			
 
				 	id "java"
			
 
				 	id "nebula.integtest" version "8.2.0"
			
 
				-	id "org.gretty" version "3.0.6"
			
 
				+	id "org.gretty" version "4.0.0"
			
 
				 	id "war"
			
 
				 }
			
 
				 
			
@@ -16,14 +16,14 @@ repositories {
 
				 ext["micrometer.version"] = "1.10.0-SNAPSHOT"
			
 
				 
			
 
				 dependencies {
			
 
				-	implementation platform("org.springframework:spring-framework-bom:5.3.0")
			
 
				-	implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
			
 
				+	implementation platform("org.springframework:spring-framework-bom:6.0.0-SNAPSHOT")
			
 
				+	implementation platform("org.springframework.security:spring-security-bom:6.0.0-SNAPSHOT")
			
 
				 	implementation platform("org.junit:junit-bom:5.7.0")
			
 
				 
			
 
				 	implementation "org.springframework.security:spring-security-config"
			
 
				 	implementation "org.springframework.security:spring-security-web"
			
 
				 	implementation "org.springframework:spring-webmvc"
			
 
				-	implementation "org.thymeleaf:thymeleaf-spring5:3.0.11.RELEASE"
			
 
				+	implementation "org.thymeleaf:thymeleaf-spring6:3.1.0.M3"
			
 
				 
			
 
				 	testImplementation "org.assertj:assertj-core:3.18.0"
			
 
				 	testImplementation "org.springframework:spring-test"
			
--- a/servlet/java-configuration/authentication/preauth/gradle/gretty.gradle
+++ b/servlet/java-configuration/authentication/preauth/gradle/gretty.gradle
@@ -1,5 +1,5 @@
 
				 gretty {
			
 
				-	servletContainer = "tomcat9"
			
 
				+	servletContainer = "tomcat10"
			
 
				 	contextPath = "/"
			
 
				 	fileLogEnabled = false
			
 
				 	integrationTestTask = 'integrationTest'
			
@@ -38,4 +38,4 @@ project.tasks.matching { it.name == "integrationTest" }.all {
 
				 		integrationTest.systemProperty 'app.httpBaseURI', httpBaseUrl
			
 
				 		integrationTest.systemProperty 'app.httpsBaseURI', httpsBaseUrl
			
 
				 	}
			
 
				-}
			
 
				+}
			
--- a/servlet/java-configuration/authentication/preauth/src/main/java/example/MvcWebApplicationInitializer.java
+++ b/servlet/java-configuration/authentication/preauth/src/main/java/example/MvcWebApplicationInitializer.java
@@ -16,7 +16,7 @@
 
				 
			
 
				 package example;
			
 
				 
			
 
				-import javax.servlet.Filter;
			
 
				+import jakarta.servlet.Filter;
			
 
				 
			
 
				 import org.springframework.web.filter.HiddenHttpMethodFilter;
			
 
				 import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
			
--- a/servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/java-configuration/authentication/preauth/src/main/java/example/SecurityConfiguration.java
@@ -34,7 +34,7 @@ public class SecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.antMatchers("/login", "/resources/**").permitAll()
			
 
				+						.requestMatchers("/login", "/resources/**").permitAll()
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
			
--- a/servlet/java-configuration/authentication/preauth/src/main/java/example/WebMvcConfiguration.java
+++ b/servlet/java-configuration/authentication/preauth/src/main/java/example/WebMvcConfiguration.java
@@ -16,10 +16,10 @@
 
				 
			
 
				 package example;
			
 
				 
			
 
				-import org.thymeleaf.spring5.ISpringTemplateEngine;
			
 
				-import org.thymeleaf.spring5.SpringTemplateEngine;
			
 
				-import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
			
 
				-import org.thymeleaf.spring5.view.ThymeleafViewResolver;
			
 
				+import org.thymeleaf.spring6.ISpringTemplateEngine;
			
 
				+import org.thymeleaf.spring6.SpringTemplateEngine;
			
 
				+import org.thymeleaf.spring6.templateresolver.SpringResourceTemplateResolver;
			
 
				+import org.thymeleaf.spring6.view.ThymeleafViewResolver;
			
 
				 import org.thymeleaf.templatemode.TemplateMode;
			
 
				 import org.thymeleaf.templateresolver.ITemplateResolver;
			
 
				 
			
--- a/servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java
+++ b/servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java
@@ -47,8 +47,8 @@ public class SecurityConfig {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 			.authorizeHttpRequests((authorize) -> authorize
			
 
				-				.antMatchers("/favicon.ico").permitAll()
			
 
				-				.mvcMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
			
 
				+				.requestMatchers("/favicon.ico").permitAll()
			
 
				+				.requestMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
			
 
				 				.anyRequest().authenticated()
			
 
				 			)
			
 
				 			.formLogin((form) -> form
			
--- a/servlet/spring-boot/java/oauth2/resource-server/hello-security/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/hello-security/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@@ -43,8 +43,8 @@ public class OAuth2ResourceServerSecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
			
 
				-						.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
			
 
				+						.requestMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
			
 
				+						.requestMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
			
--- a/servlet/spring-boot/java/oauth2/resource-server/jwe/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/jwe/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@@ -75,7 +75,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
			
 
				+						.requestMatchers("/message/**").hasAuthority("SCOPE_message:read")
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
			
--- a/servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/multi-tenancy/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@@ -48,7 +48,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 			.authorizeHttpRequests((authorize) -> authorize
			
 
				-				.mvcMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
			
 
				+				.requestMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
			
 
				 				.anyRequest().authenticated()
			
 
				 			)
			
 
				 			.oauth2ResourceServer((oauth2) -> oauth2
			
--- a/servlet/spring-boot/java/oauth2/resource-server/opaque/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/opaque/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@@ -46,8 +46,8 @@ public class OAuth2ResourceServerSecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
			
 
				-						.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
			
 
				+						.requestMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
			
 
				+						.requestMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.oauth2ResourceServer((oauth2) -> oauth2
			
--- a/servlet/spring-boot/java/oauth2/resource-server/static/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/resource-server/static/src/main/java/example/OAuth2ResourceServerSecurityConfiguration.java
@@ -41,7 +41,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
			
 
				+						.requestMatchers("/message/**").hasAuthority("SCOPE_message:read")
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.oauth2ResourceServer((oauth2) -> oauth2
			
--- a/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
+++ b/servlet/spring-boot/java/oauth2/webclient/src/main/java/example/SecurityConfiguration.java
@@ -41,7 +41,7 @@ public class SecurityConfiguration {
 
				 		// @formatter:off
			
 
				 		http
			
 
				 				.authorizeHttpRequests((authorize) -> authorize
			
 
				-						.mvcMatchers("/", "/public/**").permitAll()
			
 
				+						.requestMatchers("/", "/public/**").permitAll()
			
 
				 						.anyRequest().authenticated()
			
 
				 				)
			
 
				 				.formLogin(withDefaults())
			
--- a/servlet/spring-boot/kotlin/hello-security/src/main/kotlin/org/springframework/security/samples/config/SecurityConfig.kt
+++ b/servlet/spring-boot/kotlin/hello-security/src/main/kotlin/org/springframework/security/samples/config/SecurityConfig.kt
@@ -35,8 +35,8 @@ class SecurityConfig {
 
				     @Bean
			
 
				     fun filterChain(http: HttpSecurity): SecurityFilterChain {
			
 
				         http.authorizeRequests()
			
 
				-            .antMatchers("/css/**").permitAll()
			
 
				-            .antMatchers("/user/**").hasAuthority("ROLE_USER")
			
 
				+            .requestMatchers("/css/**").permitAll()
			
 
				+            .requestMatchers("/user/**").hasAuthority("ROLE_USER")
			
 
				             .and()
			
 
				             .formLogin().loginPage("/log-in")
			
 
				         return http.build()