Minimal Requirment

  1. Java 17 or higher
  2. Jakarta EE 10
  3. Spring Framework 6
  4. Works on Maven 3.5+
  5. Tomcat 10.0
  6. Improved observability with Micrometer and Micrometer Tracing

Improvements
Performance enhancements and optimizations to boost application responsiveness and efficiency.These improvements focus on reducing startup times, minimizing memory footprint, and optimizing resource utilization.

Changes in Code

  1. When we wanted to configure the Security settings, we had to extend the WebSecurityConfigurerAdapter class.This class has been deprecated and removed in Spring Security 6.
    Instead, we should now take a more component-based approach and create a bean of type SecurityFilterChain.

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig {
     @Bean
      public SecurityFilterChain configure(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(requests -> requests
                .requestMatchers(new AntPathRequestMatcher("/openapi/openapi.yml")).permitAll()
                .anyRequest().authenticated())
            .httpBasic();
        return http.build();
      }
    }
    
  2. Instead of using authorizeRequests, which has been deprecated, we should now use authorizeHttpRequests.This method is part of the HttpSecurity configuration and allows you to configure fine-grained request matching for access control.
  3. Spring Security 6, AntMatcher, MvcMatcher, and RegexMatcher have been depreciated and replaced by requestMatchers or securityMatchers for path-based access control. This allows us to match requests based on patterns or other criteria without relying on specific matchers.

Comments are closed.