Java 26572 Update article Spring Cloud – Bootstrapping (#16697)

Author: amit2103

…/bootstrap/config/ConfigApplication.java …g/cloud/bootstrap/ConfigApplication.javaspring-cloud-modules/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/ConfigApplication.java renamed to spring-cloud-modules/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/ConfigApplication.java spring-cloud-modules/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/ConfigApplication.java renamed to spring-cloud-modules/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/ConfigApplication.java

@@ -1,4 +1,4 @@
-package com.baeldung.spring.cloud.bootstrap.config;
+package com.baeldung.spring.cloud.bootstrap;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;

spring-cloud-modules/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java

@@ -1,18 +1,23 @@
 package com.baeldung.spring.cloud.bootstrap.config;
 
+import org.apache.commons.configuration.AbstractConfiguration;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 
 @EnableWebSecurity
+@Configuration
 public class SecurityConfig {
 
     @Bean
-    public InMemoryUserDetailsManager userDetailsService(BCryptPasswordEncoder bCryptPasswordEncoder) {
+    public UserDetailsService userDetailsService(BCryptPasswordEncoder bCryptPasswordEncoder) {
         InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
         manager.createUser(User.withUsername("configUser")
             .password(bCryptPasswordEncoder.encode("configPassword"))
@@ -23,14 +28,11 @@ public InMemoryUserDetailsManager userDetailsService(BCryptPasswordEncoder bCryp
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
+        http.authorizeRequests(auth -> auth
             .anyRequest()
-            .hasRole("SYSTEM")
-            .and()
-            .httpBasic()
-            .and()
-            .csrf()
-            .disable();
+            .hasRole("SYSTEM"))
+            .httpBasic(Customizer.withDefaults())
+            .csrf(csrf -> csrf.disable());
         return http.build();
     }
 

spring-cloud-modules/spring-cloud-bootstrap/config/src/test/java/com/baeldung/SpringContextTest.java

@@ -5,7 +5,7 @@
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.test.context.junit4.SpringRunner;
 
-import com.baeldung.spring.cloud.bootstrap.config.ConfigApplication;
+import com.baeldung.spring.cloud.bootstrap.ConfigApplication;
 
 @RunWith(SpringRunner.class)
 @SpringBootTest(classes = ConfigApplication.class)

spring-cloud-modules/spring-cloud-bootstrap/discovery/pom.xml

@@ -54,7 +54,8 @@
     </dependencies>
 
     <properties>
-        <spring-cloud-dependencies.version>2022.0.3</spring-cloud-dependencies.version>
+        <spring-cloud-dependencies.version>2023.0.1</spring-cloud-dependencies.version>
+        <spring-boot.version>3.2.2</spring-boot.version>
     </properties>
 
 </project>

spring-cloud-modules/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java

@@ -1,28 +1,43 @@
 package com.baeldung.spring.cloud.bootstrap.discovery;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableWebSecurity
-@Order(1)
 public class SecurityConfig  {
 
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
         auth.inMemoryAuthentication().withUser("discUser").password("{noop}discPassword").roles("SYSTEM");
     }
 
-    protected void configure(HttpSecurity http) throws Exception {
-        http.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)).authorizeHttpRequests(auth -> auth.requestMatchers("/eureka/**")).authorizeRequests(auth -> auth.requestMatchers("/eureka/**").hasRole("SYSTEM").anyRequest().denyAll()).httpBasic(
-                Customizer.withDefaults()).csrf(csrf -> csrf.disable());
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http)  throws Exception {
+        http.csrf(AbstractHttpConfigurer::disable)
+                .sessionManagement(sessionManagement ->
+                        sessionManagement.sessionCreationPolicy(SessionCreationPolicy.ALWAYS))
+                .authorizeHttpRequests(authorizeRequests ->
+                        authorizeRequests
+                                .requestMatchers(HttpMethod.GET, "/eureka/**").hasRole("SYSTEM")
+                                .requestMatchers(HttpMethod.POST, "/eureka/**").hasRole("SYSTEM")
+                                .requestMatchers(HttpMethod.PUT, "/eureka/**").hasRole("SYSTEM")
+                                .requestMatchers(HttpMethod.DELETE, "/eureka/**").hasRole("SYSTEM")
+                                .anyRequest().authenticated())
+                .httpBasic(Customizer.withDefaults());
+
+        return http.build();
+
+
     }
 
     @Configuration

spring-cloud-modules/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SessionConfig.java

@@ -1,8 +1,10 @@
 package com.baeldung.spring.cloud.bootstrap.discovery;
 
+import org.springframework.context.annotation.Configuration;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
 
 @EnableRedisHttpSession
+@Configuration
 public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
 }

spring-cloud-modules/spring-cloud-bootstrap/discovery/src/main/resources/bootstrap.properties

@@ -1,4 +1,5 @@
 spring.cloud.config.name=discovery
 spring.cloud.config.uri=http://localhost:8081
 spring.cloud.config.username=configUser
-spring.cloud.config.password=configPassword
+spring.cloud.config.password=configPassword
+eureka.client.service-url.defaultZone=http://discUser:discPassword@localhost:8082/eureka/

spring-cloud-modules/spring-cloud-bootstrap/pom.xml

@@ -27,6 +27,8 @@
 
     <properties>
         <maven.compiler.release>17</maven.compiler.release>
+        <spring-cloud-dependencies.version>2023.0.1</spring-cloud-dependencies.version>
+        <spring-boot.version>3.2.2</spring-boot.version>
     </properties>
 
 </project>