From 0b60b36c6a4562f8ba29796435b07d9e0fe96fbd Mon Sep 17 00:00:00 2001
From: Ravi Shankar Kalla <ravi523096@yahoo.com>
Date: Mon, 2 Jun 2025 17:32:32 -0700
Subject: [PATCH] Upgrade project to Spring Boot 3

---
 pom.xml                                       | 14 +++---
 .../config/CustomAuthenticationFilter.java    |  8 +--
 .../CustomBasicAuthenticationEntryPoint.java  |  6 +--
 .../config/HttpHeaderModificationConfig.java  | 18 +++----
 .../config/SecurityConfiguration.java         | 50 +++++++++++--------
 .../security/config/SecurityInterceptor.java  |  8 +--
 .../security/SecurityApplicationTests.java    | 10 ++--
 7 files changed, 60 insertions(+), 54 deletions(-)

diff --git a/pom.xml b/pom.xml
index f15e162..b34a9f3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,17 +11,17 @@
 	<name>spring-custom-security</name>
 	<description>Demo project for Spring Boot</description>
 
-	<parent>
-		<groupId>org.springframework.boot</groupId>
-		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.4.7.RELEASE</version>
-		<relativePath/> <!-- lookup parent from repository -->
-	</parent>
+        <parent>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-starter-parent</artifactId>
+                <version>3.2.5</version>
+                <relativePath/> <!-- lookup parent from repository -->
+        </parent>
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<java.version>1.8</java.version>
+                <java.version>17</java.version>
 	</properties>
 
 	<dependencies>
diff --git a/src/main/java/in/ravikalla/security/config/CustomAuthenticationFilter.java b/src/main/java/in/ravikalla/security/config/CustomAuthenticationFilter.java
index bbb12b4..258bfa6 100644
--- a/src/main/java/in/ravikalla/security/config/CustomAuthenticationFilter.java
+++ b/src/main/java/in/ravikalla/security/config/CustomAuthenticationFilter.java
@@ -4,10 +4,10 @@
 import java.util.HashSet;
 import java.util.Set;
 
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/src/main/java/in/ravikalla/security/config/CustomBasicAuthenticationEntryPoint.java b/src/main/java/in/ravikalla/security/config/CustomBasicAuthenticationEntryPoint.java
index 1e35dac..37eda67 100644
--- a/src/main/java/in/ravikalla/security/config/CustomBasicAuthenticationEntryPoint.java
+++ b/src/main/java/in/ravikalla/security/config/CustomBasicAuthenticationEntryPoint.java
@@ -6,9 +6,9 @@
 import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
 
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 
diff --git a/src/main/java/in/ravikalla/security/config/HttpHeaderModificationConfig.java b/src/main/java/in/ravikalla/security/config/HttpHeaderModificationConfig.java
index 1d55d4c..48dbdcd 100644
--- a/src/main/java/in/ravikalla/security/config/HttpHeaderModificationConfig.java
+++ b/src/main/java/in/ravikalla/security/config/HttpHeaderModificationConfig.java
@@ -5,15 +5,15 @@
 import java.util.Enumeration;
 import java.util.List;
 
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/src/main/java/in/ravikalla/security/config/SecurityConfiguration.java b/src/main/java/in/ravikalla/security/config/SecurityConfiguration.java
index d4ab166..8e23aed 100644
--- a/src/main/java/in/ravikalla/security/config/SecurityConfiguration.java
+++ b/src/main/java/in/ravikalla/security/config/SecurityConfiguration.java
@@ -3,18 +3,23 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
-@EnableGlobalMethodSecurity(prePostEnabled = true)
+import in.ravikalla.security.config.CustomBasicAuthenticationEntryPoint;
+import in.ravikalla.security.config.CustomAuthenticationProvider;
+
+@EnableMethodSecurity(prePostEnabled = true)
 @EnableWebSecurity
 @Configuration
-public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+public class SecurityConfiguration {
 
 	private Logger logger = LoggerFactory.getLogger(SecurityConfiguration.class);
 
@@ -26,28 +31,29 @@ public void setCustomBasicAuthenticationEntryPoint(CustomBasicAuthenticationEntr
 
 	@Autowired
     private CustomAuthenticationProvider demoAuthenticationProvider;
-	public void setDemoAuthenticationProvider(CustomAuthenticationProvider demoAuthenticationProvider) {
-		this.demoAuthenticationProvider = demoAuthenticationProvider;
-	}
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-    	auth.authenticationProvider(demoAuthenticationProvider);
+        public void setDemoAuthenticationProvider(CustomAuthenticationProvider demoAuthenticationProvider) {
+                this.demoAuthenticationProvider = demoAuthenticationProvider;
+        }
+
+    @Bean
+    public AuthenticationManager authenticationManager(HttpSecurity http) throws Exception {
+        AuthenticationManagerBuilder builder = http.getSharedObject(AuthenticationManagerBuilder.class);
+        builder.authenticationProvider(demoAuthenticationProvider);
+        return builder.build();
     }
 
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-
-    	logger.info("43 : Start : SecurityConfiguration.configure(...)");
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        logger.info("43 : Start : SecurityConfiguration.filterChain(...)");
 
-        http.csrf().disable();
-        http.authorizeRequests().antMatchers("**/secured/**").permitAll()
-        .anyRequest().authenticated()
-        .and()
-        .httpBasic()
-        .authenticationEntryPoint(customBasicAuthenticationEntryPoint);
+        http.csrf(csrf -> csrf.disable());
+        http.authorizeHttpRequests(auth -> auth
+                .requestMatchers("**/secured/**").permitAll()
+                .anyRequest().authenticated());
+        http.httpBasic(basic -> basic.authenticationEntryPoint(customBasicAuthenticationEntryPoint));
         http.addFilterBefore(new CustomAuthenticationFilter(), BasicAuthenticationFilter.class);
 
-        logger.info("53 : End : SecurityConfiguration.configure(...)");
+        logger.info("53 : End : SecurityConfiguration.filterChain(...)");
+        return http.build();
     }
 }
diff --git a/src/main/java/in/ravikalla/security/config/SecurityInterceptor.java b/src/main/java/in/ravikalla/security/config/SecurityInterceptor.java
index d7a4cee..f0f21fa 100644
--- a/src/main/java/in/ravikalla/security/config/SecurityInterceptor.java
+++ b/src/main/java/in/ravikalla/security/config/SecurityInterceptor.java
@@ -1,14 +1,14 @@
 package in.ravikalla.security.config;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+import org.springframework.web.servlet.HandlerInterceptor;
 
-public class SecurityInterceptor extends HandlerInterceptorAdapter {
+public class SecurityInterceptor implements HandlerInterceptor {
 
 	private Logger logger = LoggerFactory.getLogger(SecurityInterceptor.class);
 
diff --git a/src/test/java/in/ravikalla/security/SecurityApplicationTests.java b/src/test/java/in/ravikalla/security/SecurityApplicationTests.java
index 833725d..a493e3a 100644
--- a/src/test/java/in/ravikalla/security/SecurityApplicationTests.java
+++ b/src/test/java/in/ravikalla/security/SecurityApplicationTests.java
@@ -4,16 +4,16 @@
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-import javax.servlet.http.Cookie;
+import jakarta.servlet.http.Cookie;
 
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
 import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
@@ -23,7 +23,7 @@
 import static in.ravikalla.security.util.Constants.CUSTOM_HEADER_NAME;
 import static in.ravikalla.security.util.Constants.METHOD_HEADER_LOOKUP;
 
-@RunWith(SpringRunner.class)
+@ExtendWith(SpringExtension.class)
 @SpringBootTest
 @AutoConfigureMockMvc
 public class SecurityApplicationTests {