Spring Boot 2에서 3으로 마이그레이션

마이그레이션 항목

Spring JPA

패키지명 변경 javax에서 jakarta로 변경

Spring Security

Before

@Override
public void configure(WebSecurity web) {
    web.ignoring().antMatchers("/actuator/**");
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
                .csrf().disable()
                .cors(withDefaults()) // withDefaults() by default uses a Bean by the name of corsConfigurationSource
                .formLogin().disable()
                .httpBasic().disable()
                .exceptionHandling()
            .and()
                .authorizeRequests()
            .antMatchers("/delivery-shop/**").hasAnyAuthority(RoleType.ADMIN.getCode(), RoleType.SHOP.getCode())
            .antMatchers("/delivery/v1/location/**",
                        "/delivery/v1/notice/**", 
                        "/delivery/v1/faq/**")
                    .hasAnyAuthority(RoleType.SHOP.getCode(), RoleType.ADMIN.getCode(), RoleType.DELIVERY.getCode())
            .anyRequest().hasAnyAuthority(
                    RoleType.ADMIN.getCode(),
                    RoleType.DELIVERY.getCode())
            .and()
                .addFilterAfter(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(shopAuthService).passwordEncoder(customPasswordEncoder);
}

@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

@Bean
public CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration corsConfig = new CorsConfiguration();
    corsConfig.setAllowedHeaders(Arrays.asList(corsProperties.getAllowedHeaders().split(",")));
    corsConfig.setAllowedMethods(Arrays.asList(corsProperties.getAllowedMethods().split(",")));
    corsConfig.setAllowedOriginPatterns(List.of("*"));
    corsConfig.setExposedHeaders(Arrays.asList(corsProperties.getExposedHeaders().split(",")));
    corsConfig.setAllowCredentials(true);
    ...
    return corsConfigSource;
}

After

@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
    return webSecurity -> webSecurity.ignoring().requestMatchers(
            "/actuator/**", "/delivery-shop/auth/**", "/internal-api/**",
            "/delivery-shop/doc/**", "/delivery/app/**");
}

@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
    return authenticationConfiguration.getAuthenticationManager();
}

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    return http
            .sessionManagement( session -> session
                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .csrf(csrfConfigurer -> httpSecurityCsrfConfigurer.disable())
            .cors(corsConfigurer -> corsConfigurer.configurationSource(corsConfigurationSource()))
            .formLogin(formLoginConfigurer -> formLoginConfigurer.disable())
            .httpBasic(httpBasicConfigurer -> httpBasicConfigurer.disable())
            .headers((headerConfig) ->
                    headerConfig.frameOptions(frameOptionsConfig ->
                            frameOptionsConfig.disable()
                    )
            )
            .authorizeHttpRequests((authorizeRequests) ->
                    authorizeRequests
                            .requestMatchers("/delivery/feign/**")
                                .hasAnyAuthority(RoleType.ADMIN.getCode(), RoleType.FEIGN.getCode())
                            .requestMatchers("/delivery-shop/**")
                                .hasAnyAuthority(RoleType.ADMIN.getCode(), RoleType.SHOP.getCode())
                            .requestMatchers("/delivery/v1/location/**",
                                             "/delivery/v1/notice/**", 
                                             "/delivery/v1/faq/**")
                                   .hasAnyAuthority(RoleType.SHOP.getCode(), 
                                                    RoleType.ADMIN.getCode(), 
                                                    RoleType.DELIVERY.getCode())
                            .anyRequest()
                                .hasAnyAuthority(RoleType.ADMIN.getCode(),RoleType.DELIVERY.getCode())
            )
            .addFilterAfter(new AuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
            .build();
}

@Bean
public CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration corsConfig = new CorsConfiguration();
    corsConfig.setAllowedHeaders(Arrays.asList(corsProperties.getAllowedHeaders().split(",")));
    corsConfig.setAllowedMethods(Arrays.asList(corsProperties.getAllowedMethods().split(",")));
    corsConfig.setAllowedOriginPatterns(List.of("*"));
    corsConfig.setExposedHeaders(Arrays.asList(corsProperties.getExposedHeaders().split(",")));
    corsConfig.setAllowCredentials(true);
    ...
    return corsConfigSource;
}

Kafka

Cannot resolve method ‘addCallback’ in ‘CompletableFuture’

kafkaTemplate.send(..)
	.addCallback(new ListenableFutureCallback<>() { ... }