Spring Security

[Spring Security] 'authorizeRequests()' is deprecated 에러 해결

우주물고기 2025. 5. 4. 12:50
반응형

'authorizeRequests(org. springframework. security. config. Customizer<org. springframework. security. config. annotation. web. configurers. ExpressionUrlAuthorizationConfigurer<org. springframework. security. config. annotation. web. builders. HttpSecurity>.ExpressionInterceptUrlRegistry>)' is deprecated since version 6.1 and marked for remova

난 책 보면서 진도 따라가고 있었기 때문에

 

 

 

 

 

 

 

 

 

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeRequests(auth -> auth
                        .requestMatchers(
                                new AntPathRequestMatcher("/login"),
                                new AntPathRequestMatcher("/signup"),
                                new AntPathRequestMatcher("/user")
                        ).permitAll()
                        .anyRequest().authenticated())
                .formLogin(formLogin -> formLogin
                        .loginPage("/login")
                        .defaultSuccessUrl("/articles")
                ).logout(logout -> logout
                        .logoutSuccessUrl("/login")
                        .invalidateHttpSession(true)
                )
                .csrf(AbstractHttpConfigurer::disable)
                .build();
    }

이렇게 했더니 .authorizeRequests() 가 deprecated되었다고

에러뜸.

 

 

 

https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html

 

Authorize HttpServletRequests :: Spring Security

While using a concrete AuthorizationManager is recommended, there are some cases where an expression is necessary, like with or with JSP Taglibs. For that reason, this section will focus on examples from those domains. Given that, let’s cover Spring Secu

docs.spring.io

공식 문서 보니까

 

 

 

 

라고 하네요

 

 

 

@Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/login", "/signup", "/user").permitAll()
                        .anyRequest().authenticated())
                .formLogin(formLogin -> formLogin
                        .loginPage("/login")
                        .defaultSuccessUrl("/articles")
                ).logout(logout -> logout
                        .logoutSuccessUrl("/login")
                        .invalidateHttpSession(true)
                )
                .csrf(AbstractHttpConfigurer::disable)
                .build();
    }

 

심플하게 그냥

.authorizeRequests()만

.authorizeHttpRequests()로 바꿧고

그 아래 new 연산자 계속 쓰던거

한줄로 합쳤음.

 

반응형
저작자표시 비영리 변경금지 (새창열림)