Filter Chain HTTPSecurity 5 to 6 Migration

Question

I'm currently trying to migrate from Spring 2.x -> 3.1.5 as a beginner to Spring Security and I don't really understand the migration instructions.

Can someone explain the exact difference between the old requestMatchers and the new securityMatchers? The code attached below is the old version, but requestMatcher no longer works. Would the commented out parts be equivalent to the lower part?

//http.authorizeHttpRequests((authz) -> authz.anyRequest());
//http.securityMatcher().authorizeHttpRequests((authz) -> authz.anyRequest());
http.requestMatchers().anyRequest();

Would be thankful for each answer :)

Answer 1

As a start you have to check Migration Guide where you will be able to find an answer to your question:

In Spring Security 5.8, the antMatchers, mvcMatchers and requestMatchers methods from HttpSecurity were deprecated in favor of new securityMatchers methods.

It mean that you have to replace next one piece of code that you put in question:

//http.authorizeHttpRequests((authz) -> authz.anyRequest());
//http.securityMatcher().authorizeHttpRequests((authz) -> authz.anyRequest());
http.requestMatchers().anyRequest();

To the next one:

http.authorizeHttpRequests(AbstractRequestMatcherRegistry::anyRequest);
http.securityMatcher().authorizeHttpRequests(AbstractRequestMatcherRegistry::anyRequest);
http.securityMatchers(AbstractRequestMatcherRegistry::anyRequest);

More details about it you could find in above reference to Migration Guide.