.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
Correto Para: SecurityConfigurations.Java, trocando configure por SecurityFilterChainpackage br.com.ilso.forum.config.security;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain;
@Configuration public class SecurityConfigurations {
@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers(HttpMethod.GET, "/topicos").permitAll()
.antMatchers(HttpMethod.GET, "/topicos/*").permitAll()
.antMatchers(HttpMethod.POST, "/auth").permitAll()
.antMatchers(HttpMethod.GET, "/actuator/**").permitAll()
.antMatchers("/*.html", "/v2/api-docs", "/webjars/", "/configuration/", "/swagger-resources/*").permitAll()
.antMatchers("/h2-console/**").permitAll()
.anyRequest().authenticated()
.and().csrf().disable()
.formLogin();
return http.build();
}
// public static void main(String[] args) {
// System.out.println(new BCryptPasswordEncoder().encode("123456"));
// }}
