Merge pull request #624 from iExecBlockchainComputing/bugfix/fix-web-…

…security-depreciation

Rework `WebSecurityConfigurationAdapter` implementation

CHANGELOG.md

@@ -6,6 +6,8 @@ All notable changes to this project will be documented in this file.
 
 ### New Features
 - Create `iexec-core-library` sub-project to split shared code/apis from specific scheduler application code. (#623)
+### Bug Fixes
+- Fix web security depreciation warning. (#624)
 
 ## [[8.2.0]](https://github.com/iExecBlockchainComputing/iexec-core/releases/tag/v8.2.0) 2023-09-29
 

src/main/java/com/iexec/core/security/WebSecurityConfig.java

@@ -16,18 +16,19 @@
 
 package com.iexec.core.security;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @EnableGlobalMethodSecurity(prePostEnabled = true)
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+public class WebSecurityConfig {
 
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         // Disable CSRF (cross site request forgery)
         http.csrf().disable();
 
@@ -36,5 +37,6 @@ protected void configure(HttpSecurity http) throws Exception {
 
         http.authorizeRequests()
                 .anyRequest().permitAll();
+        return http.build();
     }
 }