[Spring Security] 'authorizeRequests()' is deprecated 에러 해결

'authorizeRequests(org. springframework. security. config. Customizer<org. springframework. security. config. annotation. web. configurers. ExpressionUrlAuthorizationConfigurer<org. springframework. security. config. annotation. web. builders. HttpSecurity>.ExpressionInterceptUrlRegistry>)' is deprecated since version 6.1 and marked for remova

난 책 보면서 진도 따라가고 있었기 때문에

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeRequests(auth -> auth
                        .requestMatchers(
                                new AntPathRequestMatcher("/login"),
                                new AntPathRequestMatcher("/signup"),
                                new AntPathRequestMatcher("/user")
                        ).permitAll()
                        .anyRequest().authenticated())
                .formLogin(formLogin -> formLogin
                        .loginPage("/login")
                        .defaultSuccessUrl("/articles")
                ).logout(logout -> logout
                        .logoutSuccessUrl("/login")
                        .invalidateHttpSession(true)
                )
                .csrf(AbstractHttpConfigurer::disable)
                .build();
    }

이렇게 했더니 .authorizeRequests() 가 deprecated되었다고

에러뜸.

https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html

Authorize HttpServletRequests :: Spring Security

While using a concrete AuthorizationManager is recommended, there are some cases where an expression is necessary, like with or with JSP Taglibs. For that reason, this section will focus on examples from those domains. Given that, let’s cover Spring Secu

docs.spring.io

공식 문서 보니까

라고 하네요

@Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/login", "/signup", "/user").permitAll()
                        .anyRequest().authenticated())
                .formLogin(formLogin -> formLogin
                        .loginPage("/login")
                        .defaultSuccessUrl("/articles")
                ).logout(logout -> logout
                        .logoutSuccessUrl("/login")
                        .invalidateHttpSession(true)
                )
                .csrf(AbstractHttpConfigurer::disable)
                .build();
    }

심플하게 그냥

.authorizeRequests()만

.authorizeHttpRequests()로 바꿧고

그 아래 new 연산자 계속 쓰던거

한줄로 합쳤음.

저작자표시 비영리 변경금지 (새창열림)

'Spring Security' 카테고리의 다른 글

[Spring Security] Empty encoded password 에러 (0)	2025.05.04
[Spring Security] SecurityFilterChain 보안 설정 메소드 설명 (0)	2025.05.04
[Spring Security] UserDetails 클래스 (Override Method 단축키) (0)	2025.05.04
[Spring Security] 스프링 시큐리티 의존성 추가 (0)	2025.05.03
[Spring Security] 인증과 인가, Spring Security 구조 뜯어보기, 로그인 흐름 뜯어보기 (0)	2025.05.03

🗻우주물고기의 IT 블로그‍🏄

[Spring Security] 'authorizeRequests()' is deprecated 에러 해결

'Spring Security' 카테고리의 다른 글

티스토리툴바

[Spring Security] 'authorizeRequests()' is deprecated 에러 해결

'Spring Security' 카테고리의 다른 글

관련글

티스토리툴바