# Spring Security WebSecurityConfigurerAdapter 가 deprecated 된 이슈해결하기

{% hint style="info" %}
Spring Security 5.7.0-M2 부터는 구성 요소 기반 보안 설정으로 변경된다는 이슈가 있었다. 예전 방식 WebSecurityConfigurerAdapter 상속 후, configure 메소드를 오버라이딩 하여 설정하는 방식에서 5.7.x 이후 버전 부터 SecurityFilterChain 를 빈으로 등록하는 방식을 권장한다고 한다.
{% endhint %}

먼저 springboot 2.7.x 로 업그레이드 한다.

```markup
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.7.0</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>
```

### Spring Boot 2.7.0 이전

```java
/**
 * SpringSecurity config 
 * Created by blake on 2023/01/09.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class OldSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private UmsAdminService adminService;

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        // HttpSecurity 구성 생략
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService())
                .passwordEncoder(passwordEncoder());
    }
    
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

}
```

### SpringBoot 2.7.0 이후

<br>

<figure><img src="/files/eVDOgL5AsFe77j6PcQ5P" alt=""><figcaption></figcaption></figure>

#### 공식 사이트에서 권장하는 방식으로 변경해보자

```java
/**
 * SpringSecurity 5.4.x 이후 설정
 * 순환 의존성을 피하기 위해 HttpSecurity만 구성
 * Created by blake on 2023/01/09.
 */
@Configuration
public class SecurityConfig {

    @Bean
    SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        // HttpSecurity 구성 생략
        return httpSecurity.build();
    }

}
```

끝!


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://blakes-organization.gitbook.io/rainsister/spring/spring-security-websecurityconfigureradapter-deprecated.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.