In Spring Security 5.x and later, the `@EnableResourceServer` annotation is part of the OAuth2 functionality and typically used in conjunction with `@EnableWebSecurity`. To configure security for a resource server, you should extend the `ResourceServerConfigurerAdapter` class, which provides methods to configure resource server settings.
If you are encountering an error like "does not have any WebSecurityConfigurerAdapter.class," it might indicate that you haven't correctly configured your Spring Security with the required classes and methods. Here's a step-by-step guide on how to configure Spring Security for a resource server using `@EnableResourceServer`:
1. Make sure you have the necessary Spring Security and OAuth2 dependencies in your `pom.xml` or `build.gradle`:
```xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
```
2. Create a configuration class that extends `ResourceServerConfigurerAdapter` and override the `configure` method:
```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/api/public/**").permitAll()
.anyRequest().authenticated();
}
}
```
3. In the code above, we've configured that requests to "/api/public/**" should be permitted without authentication, and all other requests should require authentication.
4. Ensure that you have an OAuth2 configuration in your application properties or YAML file. Here's an example of a minimal configuration:
```yaml
security:
oauth2:
resource:
user-info-uri: /oauth2/userinfo
```
5. Make sure you have properly defined your endpoints and resources in your application according to your use case.
6. If you are still facing issues or errors, please provide more specific details about the error message, and I can provide further assistance based on the actual error you are encountering.