Annotation Interface EnableWebFluxSecurity

@Retention(RUNTIME)
@Target(TYPE)
@Documented
@Import({org.springframework.security.config.annotation.web.reactive.ServerHttpSecurityConfiguration.class,org.springframework.security.config.annotation.web.reactive.WebFluxSecurityConfiguration.class,org.springframework.security.config.annotation.web.reactive.ReactiveOAuth2ClientImportSelector.class,org.springframework.security.config.annotation.web.reactive.ReactiveObservationImportSelector.class})
public @interface EnableWebFluxSecurity

Add this annotation to a Configuration class to have Spring Security WebFlux support added. User's can then create one or more ServerHttpSecurity Bean instances. A minimal configuration can be found below:

@Configuration
@EnableWebFluxSecurity
public class MyMinimalSecurityConfiguration {

    @Bean
    public MapReactiveUserDetailsService userDetailsService() {
         UserDetails user = User.withDefaultPasswordEncoder()
              .username("user")
              .password("password")
              .roles("USER")
              .build();
         return new MapReactiveUserDetailsService(user);
    }
}

Below is the same as our minimal configuration, but explicitly declaring the ServerHttpSecurity.

@Configuration
@EnableWebFluxSecurity
public class MyExplicitSecurityConfiguration {
    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
         http
              .authorizeExchange()
                   .anyExchange().authenticated()
                        .and()
                   .httpBasic().and()
                   .formLogin();
         return http.build();
    }

    @Bean
    public MapReactiveUserDetailsService userDetailsService() {
         UserDetails user = User.withDefaultPasswordEncoder()
              .username("user")
              .password("password")
              .roles("USER")
              .build();
         return new MapReactiveUserDetailsService(user);
    }
}

Since:

5.0