Switch from deprecated EnableGlobalMethodSecurity to EnableMethodSecurity (#2081)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

hawkbit-ddi/hawkbit-ddi-server/src/main/java/org/eclipse/hawkbit/app/ddi/DDIStart.java

@@ -11,8 +11,6 @@ package org.eclipse.hawkbit.app.ddi;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
@@ -45,8 +43,4 @@ public class DDIStart {
             return new RedirectView("swagger-ui/index.html");
         }
     }
-
-    @Configuration
-    @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
-    public static class MethodSecurityConfig {}
 }

hawkbit-ddi/hawkbit-ddi-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/DdiApiAutoConfiguration.java

@@ -14,11 +14,13 @@ import org.eclipse.hawkbit.security.DdiSecurityProperties;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
 /**
  * Auto-Configuration for enabling the DDI REST-Resources.
  */
 @Configuration
+@EnableWebSecurity
 @ConditionalOnClass(DdiApiConfiguration.class)
 @Import({ DdiApiConfiguration.class, DdiSecurityProperties.class })
 public class DdiApiAutoConfiguration {}

hawkbit-mgmt/hawkbit-mgmt-server/src/main/java/org/eclipse/hawkbit/app/mgmt/MgmtServerStart.java

@@ -11,8 +11,6 @@ package org.eclipse.hawkbit.app.mgmt;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
@@ -45,8 +43,4 @@ public class MgmtServerStart {
             return new RedirectView("swagger-ui/index.html");
         }
     }
-
-    @Configuration
-    @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
-    public static class MethodSecurityConfig {}
 }

hawkbit-mgmt/hawkbit-mgmt-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtSecurityConfiguration.java

@@ -27,6 +27,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -45,6 +46,7 @@ import org.springframework.web.cors.CorsConfigurationSource;
  */
 @Configuration
 @EnableWebSecurity
+@EnableMethodSecurity(proxyTargetClass = true, securedEnabled = true)
 public class MgmtSecurityConfiguration {
 
     private final HawkbitSecurityProperties securityProperties;

hawkbit-monolith/hawkbit-update-server/src/main/java/org/eclipse/hawkbit/app/Start.java

@@ -11,8 +11,6 @@ package org.eclipse.hawkbit.app;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;
@@ -48,8 +46,4 @@ public class Start {
             return new RedirectView("swagger-ui/index.html");
         }
     }
-
-    @Configuration
-    @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true)
-    public static class MethodSecurityConfig {}
 }

hawkbit-repository/hawkbit-repository-core/src/main/java/org/eclipse/hawkbit/repository/RepositoryDefaultConfiguration.java

@@ -14,11 +14,13 @@ import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 
 /**
  * Default configuration that is common to all repository implementations.
  */
 @Configuration
+@EnableMethodSecurity(proxyTargetClass = true, securedEnabled = true)
 @EnableConfigurationProperties({ RepositoryProperties.class, ControllerPollProperties.class, TenantConfigurationProperties.class })
 @PropertySource("classpath:/hawkbit-repository-defaults.properties")
 public class RepositoryDefaultConfiguration {}

hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/TestConfiguration.java

@@ -67,13 +67,11 @@ import org.springframework.scheduling.annotation.AsyncConfigurer;
 import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 import org.springframework.security.concurrent.DelegatingSecurityContextExecutorService;
 import org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 
 /**
  * Spring context configuration required for Dev.Environment.
  */
 @Configuration
-@EnableGlobalMethodSecurity(prePostEnabled = true, mode = AdviceMode.PROXY, proxyTargetClass = false, securedEnabled = true)
 @EnableConfigurationProperties({ DdiSecurityProperties.class,
         ArtifactUrlHandlerProperties.class, ArtifactFilesystemProperties.class, HawkbitSecurityProperties.class,
         ControllerPollProperties.class, TenantConfigurationProperties.class })

hawkbit-rest-core/src/main/java/org/eclipse/hawkbit/rest/SecurityManagedConfiguration.java

@@ -20,13 +20,11 @@ import org.eclipse.hawkbit.rest.security.DosFilter;
 import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.AdviceMode;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.core.Ordered;
-import org.springframework.core.annotation.Order;
+import org.springframework.core.annotation.Order;;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.firewall.FirewalledRequest;
 import org.springframework.security.web.firewall.HttpFirewall;
@@ -39,7 +37,6 @@ import org.springframework.util.CollectionUtils;
 @Slf4j
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true, mode = AdviceMode.ASPECTJ, proxyTargetClass = true, securedEnabled = true)
 @Order(Ordered.HIGHEST_PRECEDENCE)
 @PropertySource("classpath:hawkbit-security-defaults.properties")
 public class SecurityManagedConfiguration {