I have this configuration but don't know how to migrate that to Spring Security 6.1.
http.oauth2ResourceServer().jwt();
http.oauth2Login()
.and()
.logout(c -> c.addLogoutHandler(keycloakLogoutHandler).logoutSuccessUrl("/"));
I don't get error messages but the methods are deprecated and I want to know how this has to be done now.
Any help is appreciated.
Judging from the little there is in the Spring Security Documentation and the information in the Javadoc I suspect that the non usage of the Customizer
for your other configurations and the and()
are the problem here.
http.oauth2ResourceServer( (c) -> c.jwt(Customizer.withDefaults()));
http.oauth2Login(Customizer.withDefaults());
http.logout( (c) -> c.addLogoutHandler(keycloakLogoutHandler).logoutSuccessUrl("/"));
Based on the information I got from the Javadoc the above should work and use non deprecated methods. I'm not sure if this is more readable or not.