diff --git a/demo/openapi-generator-for-spring-demo-webmvc/src/main/java/de/qaware/openapigeneratorforspring/demo/webmvc/SpringSecurityConfiguration.java b/demo/openapi-generator-for-spring-demo-webmvc/src/main/java/de/qaware/openapigeneratorforspring/demo/webmvc/SpringSecurityConfiguration.java
index 9afcb5b5..20680fee 100644
--- a/demo/openapi-generator-for-spring-demo-webmvc/src/main/java/de/qaware/openapigeneratorforspring/demo/webmvc/SpringSecurityConfiguration.java
+++ b/demo/openapi-generator-for-spring-demo-webmvc/src/main/java/de/qaware/openapigeneratorforspring/demo/webmvc/SpringSecurityConfiguration.java
@@ -1,20 +1,22 @@
 package de.qaware.openapigeneratorforspring.demo.webmvc;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 
 @Configuration
 @EnableWebSecurity
-public class SpringSecurityConfiguration extends WebSecurityConfigurerAdapter {
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
+public class SpringSecurityConfiguration {
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         // do nothing else then configuring CSRF
         http
                 .csrf()
                 // it doesn't really matter which CSRF token repository is used
                 .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
+        return http.build();
     }
 }
diff --git a/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/OpenApiDisabledSpringSecurityTestConfiguration.java b/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/OpenApiDisabledSpringSecurityTestConfiguration.java
index 52b69c7b..456ea24b 100644
--- a/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/OpenApiDisabledSpringSecurityTestConfiguration.java
+++ b/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/OpenApiDisabledSpringSecurityTestConfiguration.java
@@ -4,8 +4,8 @@
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
 /**
@@ -13,21 +13,17 @@
  * tests focus on CSRF support and thus Spring Security Basic Auth kicks in.
  */
 public class OpenApiDisabledSpringSecurityTestConfiguration {
-    @Bean
     @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
-    public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
-        return new WebSecurityConfigurerAdapter() {
-            @Override
-            protected void configure(HttpSecurity http) throws Exception {
-                // do nothing, this disables all security for tests by default
-            }
-        };
+    @ConditionalOnMissingBean
+    @Bean
+    public SecurityFilterChain noWebMvcSecurityFilterChain(HttpSecurity http) throws Exception {
+        return http.build();
     }
 
-    @Bean
     @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
     @ConditionalOnMissingBean
-    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+    @Bean
+    public SecurityWebFilterChain noWebFluxSecurityFilterChain(ServerHttpSecurity http) {
         // do nothing, this disables all security for tests by default
         return http.build();
     }
diff --git a/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/app39/App39SpringSecurityConfiguration.java b/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/app39/App39SpringSecurityConfiguration.java
index 5866ea6c..9cb9a1c6 100644
--- a/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/app39/App39SpringSecurityConfiguration.java
+++ b/openapi-generator-for-spring-test/src/test/java/de/qaware/openapigeneratorforspring/test/app39/App39SpringSecurityConfiguration.java
@@ -1,16 +1,17 @@
 package de.qaware.openapigeneratorforspring.test.app39;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
 @Order(Ordered.HIGHEST_PRECEDENCE)
-class App39SpringSecurityConfiguration extends WebSecurityConfigurerAdapter {
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().disable();
+class App39SpringSecurityConfiguration {
+    @Bean
+    public SecurityFilterChain noWebMvcSecurityFilterChain(HttpSecurity http) throws Exception {
+        return http.csrf().disable().build();
     }
 }