diff --git a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
index 43283b7ccf..0038f6de43 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,7 +34,7 @@ import org.springframework.security.authentication.AuthenticationTrustResolverIm
 import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
 import org.springframework.security.cas.ServiceProperties;
 import org.springframework.security.cas.authentication.CasServiceTicketAuthenticationToken;
-import org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails;
+import org.springframework.security.cas.authentication.ServiceAuthenticationDetails;
 import org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
diff --git a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
index bc19183a79..5f55ecdc66 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
@@ -22,6 +22,7 @@ import java.util.regex.Pattern;
 
 import jakarta.servlet.http.HttpServletRequest;
 
+import org.springframework.security.cas.authentication.ServiceAuthenticationDetails;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.util.Assert;
@@ -60,7 +61,7 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
 
 	/**
 	 * Returns the current URL minus the artifact parameter and its value, if present.
-	 * @see org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails#getServiceUrl()
+	 * @see org.springframework.security.cas.authentication.ServiceAuthenticationDetails#getServiceUrl()
 	 */
 	@Override
 	public String getServiceUrl() {
diff --git a/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetails.java b/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetails.java
deleted file mode 100644
index 91d6a34d66..0000000000
--- a/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetails.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2011-2024 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.cas.web.authentication;
-
-import org.springframework.security.cas.ServiceProperties;
-import org.springframework.security.core.Authentication;
-
-/**
- * In order for the
- * {@link org.springframework.security.cas.authentication.CasAuthenticationProvider} to
- * provide the correct service url to authenticate the ticket, the returned value of
- * {@link Authentication#getDetails()} should implement this interface when tickets can be
- * sent to any URL rather than only {@link ServiceProperties#getService()}.
- *
- * @author Rob Winch
- * @see ServiceAuthenticationDetailsSource
- * @deprecated Please use
- * org.springframework.security.cas.authentication.ServiceAuthenticationDetails
- */
-@Deprecated
-public interface ServiceAuthenticationDetails
-		extends org.springframework.security.cas.authentication.ServiceAuthenticationDetails {
-
-	/**
-	 * Gets the absolute service url (i.e. https://example.com/service/).
-	 * @return the service url. Cannot be <code>null</code>.
-	 */
-	String getServiceUrl();
-
-}
diff --git a/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetailsSource.java b/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetailsSource.java
index a623a45434..51f30581e4 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetailsSource.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetailsSource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2011-2023 the original author or authors.
+ * Copyright 2011-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,6 +23,7 @@ import jakarta.servlet.http.HttpServletRequest;
 
 import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.authentication.ServiceAuthenticationDetails;
 import org.springframework.util.Assert;
 
 /**
diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
index 0e8b6fe862..a2320568e3 100644
--- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
+++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
@@ -30,7 +30,6 @@ import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.cas.ServiceProperties;
-import org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.authority.AuthorityUtils;
diff --git a/cas/src/test/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetailsTests.java b/cas/src/test/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetailsTests.java
index f9553ce6eb..506b7aca79 100644
--- a/cas/src/test/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetailsTests.java
+++ b/cas/src/test/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetailsTests.java
@@ -26,6 +26,7 @@ import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.support.GenericXmlApplicationContext;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.authentication.ServiceAuthenticationDetails;
 import org.springframework.security.web.util.UrlUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
diff --git a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
index f89e06ca79..c127ceb0e6 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -79,15 +79,6 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
 		this(objectPostProcessor, false);
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	protected AbstractConfiguredSecurityBuilder(
-			org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor) {
-		this(objectPostProcessor, false);
-	}
-
 	/***
 	 * Creates a new instance with the provided {@link ObjectPostProcessor}. This post
 	 * processor must support Object since there are many types of objects that may be
@@ -103,18 +94,6 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
 		this.allowConfigurersOfSameType = allowConfigurersOfSameType;
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	protected AbstractConfiguredSecurityBuilder(
-			org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor,
-			boolean allowConfigurersOfSameType) {
-		Assert.notNull(objectPostProcessor, "objectPostProcessor cannot be null");
-		this.objectPostProcessor = objectPostProcessor;
-		this.allowConfigurersOfSameType = allowConfigurersOfSameType;
-	}
-
 	/**
 	 * Similar to {@link #build()} and {@link #getObject()} but checks the state to
 	 * determine if {@link #build()} needs to be called first.
diff --git a/config/src/main/java/org/springframework/security/config/annotation/ObjectPostProcessor.java b/config/src/main/java/org/springframework/security/config/annotation/ObjectPostProcessor.java
deleted file mode 100644
index 9d63541438..0000000000
--- a/config/src/main/java/org/springframework/security/config/annotation/ObjectPostProcessor.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright 2002-2013 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.config.annotation;
-
-import org.springframework.beans.factory.Aware;
-import org.springframework.beans.factory.DisposableBean;
-import org.springframework.beans.factory.InitializingBean;
-
-/**
- * Allows initialization of Objects. Typically this is used to call the {@link Aware}
- * methods, {@link InitializingBean#afterPropertiesSet()}, and ensure that
- * {@link DisposableBean#destroy()} has been invoked.
- *
- * @param <T> the bound of the types of Objects this {@link ObjectPostProcessor} supports.
- * @author Rob Winch
- * @since 3.2
- * @deprecated please use {@link org.springframework.security.config.ObjectPostProcessor}
- * instead
- */
-@Deprecated
-public interface ObjectPostProcessor<T> extends org.springframework.security.config.ObjectPostProcessor<T> {
-
-	/**
-	 * Initialize the object possibly returning a modified instance that should be used
-	 * instead.
-	 * @param object the object to initialize
-	 * @return the initialized version of the object
-	 */
-	<O extends T> O postProcess(O object);
-
-}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
index 6db7ca8b73..2af9105ce0 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -81,15 +81,6 @@ public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>>
 		this.objectPostProcessor.addObjectPostProcessor(objectPostProcessor);
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	public void addObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-		this.objectPostProcessor.addObjectPostProcessor(objectPostProcessor);
-	}
-
 	/**
 	 * Sets the {@link SecurityBuilder} to be used. This is automatically set when using
 	 * {@link AbstractConfiguredSecurityBuilder#apply(SecurityConfigurerAdapter)}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
index 12b464a820..1259459bb8 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -73,15 +73,6 @@ public class AuthenticationManagerBuilder
 		super(objectPostProcessor, true);
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	public AuthenticationManagerBuilder(
-			org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor) {
-		super(objectPostProcessor, true);
-	}
-
 	/**
 	 * Allows providing a parent {@link AuthenticationManager} that will be tried if this
 	 * {@link AuthenticationManager} was unable to attempt to authenticate the provided
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
index 1a44dbcebe..6e5d0331f3 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -133,16 +133,6 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 		return this;
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	public LdapAuthenticationProviderConfigurer<B> withObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-		addObjectPostProcessor(objectPostProcessor);
-		return this;
-	}
-
 	/**
 	 * Gets the {@link LdapAuthoritiesPopulator} and defaults to
 	 * {@link DefaultLdapAuthoritiesPopulator}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
index 35adfe2f35..71407b19d8 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -63,17 +63,6 @@ public abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderMana
 		return (C) this;
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	@SuppressWarnings("unchecked")
-	public C withObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-		addObjectPostProcessor(objectPostProcessor);
-		return (C) this;
-	}
-
 	/**
 	 * Allows specifying the {@link PasswordEncoder} to use with the
 	 * {@link DaoAuthenticationProvider}. The default is to use plain text.
diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
index b20c5eab2a..aa918e9afe 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -407,16 +407,6 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
 		this.objectPostProcessor = objectPostProcessor;
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	@Autowired(required = false)
-	public void setObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor) {
-		this.objectPostProcessor = objectPostProcessor;
-	}
-
 	@Autowired(required = false)
 	public void setMethodSecurityExpressionHandler(List<MethodSecurityExpressionHandler> handlers) {
 		if (handlers.size() != 1) {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
index 1c89141824..bdd611fd27 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
@@ -194,23 +194,6 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 		this.requestMatcherConfigurer = new RequestMatcherConfigurer(context);
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	@SuppressWarnings("unchecked")
-	public HttpSecurity(org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor,
-			AuthenticationManagerBuilder authenticationBuilder, Map<Class<?>, Object> sharedObjects) {
-		super(objectPostProcessor);
-		Assert.notNull(authenticationBuilder, "authenticationBuilder cannot be null");
-		setSharedObject(AuthenticationManagerBuilder.class, authenticationBuilder);
-		for (Map.Entry<Class<?>, Object> entry : sharedObjects.entrySet()) {
-			setSharedObject((Class<Object>) entry.getKey(), entry.getValue());
-		}
-		ApplicationContext context = (ApplicationContext) sharedObjects.get(ApplicationContext.class);
-		this.requestMatcherConfigurer = new RequestMatcherConfigurer(context);
-	}
-
 	private ApplicationContext getContext() {
 		return getSharedObject(ApplicationContext.class);
 	}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
index 9b906ebdfd..54c4566af8 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -139,14 +139,6 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
 		super(objectPostProcessor);
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	public WebSecurity(org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor) {
-		super(objectPostProcessor);
-	}
-
 	/**
 	 * <p>
 	 * Allows adding {@link RequestMatcher} instances that Spring Security should ignore.
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
index 8c103b9fee..c139c7e10a 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -180,17 +180,6 @@ class HttpSecurityConfiguration {
 			this.defaultPasswordEncoder = defaultPasswordEncoder;
 		}
 
-		/**
-		 * @deprecated
-		 */
-		@Deprecated(since = "6.4", forRemoval = true)
-		DefaultPasswordEncoderAuthenticationManagerBuilder(
-				org.springframework.security.config.annotation.ObjectPostProcessor<Object> objectPostProcessor,
-				PasswordEncoder defaultPasswordEncoder) {
-			super(objectPostProcessor);
-			this.defaultPasswordEncoder = defaultPasswordEncoder;
-		}
-
 		@Override
 		public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication()
 				throws Exception {
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractHttpConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractHttpConfigurer.java
index a7251514fd..d25d3575b1 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractHttpConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractHttpConfigurer.java
@@ -55,17 +55,6 @@ public abstract class AbstractHttpConfigurer<T extends AbstractHttpConfigurer<T,
 		return (T) this;
 	}
 
-	/**
-	 * @deprecated
-	 */
-	@Deprecated(since = "6.4", forRemoval = true)
-	@SuppressWarnings("unchecked")
-	public T withObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-		addObjectPostProcessor(objectPostProcessor);
-		return (T) this;
-	}
-
 	protected SecurityContextHolderStrategy getSecurityContextHolderStrategy() {
 		if (this.securityContextHolderStrategy != null) {
 			return this.securityContextHolderStrategy;
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
index 879451012a..1f24c4086e 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
@@ -191,16 +191,6 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
 			return this;
 		}
 
-		/**
-		 * @deprecated
-		 */
-		@Deprecated(since = "6.4", forRemoval = true)
-		public AuthorizationManagerRequestMatcherRegistry withObjectPostProcessor(
-				org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-			addObjectPostProcessor(objectPostProcessor);
-			return this;
-		}
-
 		/**
 		 * Sets whether all dispatcher types should be filtered.
 		 * @param shouldFilter should filter all dispatcher types. Default is {@code true}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java
index 6d2ccf519c..c9a766f7a1 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2024 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -172,16 +172,6 @@ public final class ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>>
 			return this;
 		}
 
-		/**
-		 * @deprecated
-		 */
-		@Deprecated(since = "6.4", forRemoval = true)
-		public ChannelRequestMatcherRegistry withObjectPostProcessor(
-				org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-			addObjectPostProcessor(objectPostProcessor);
-			return this;
-		}
-
 		/**
 		 * Sets the {@link ChannelProcessor} instances to use in
 		 * {@link ChannelDecisionManagerImpl}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
index bddafb1d2e..91b0838011 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
@@ -240,16 +240,6 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
 			return this;
 		}
 
-		/**
-		 * @deprecated
-		 */
-		@Deprecated(since = "6.4", forRemoval = true)
-		public ExpressionInterceptUrlRegistry withObjectPostProcessor(
-				org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-			addObjectPostProcessor(objectPostProcessor);
-			return this;
-		}
-
 		public H and() {
 			return ExpressionUrlAuthorizationConfigurer.this.getBuilder();
 		}
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
index 9386fee77e..cf7cf4d823 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
@@ -117,14 +117,6 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
 		return this;
 	}
 
-	@Deprecated(since = "6.4", forRemoval = true)
-	@Override
-	public UrlAuthorizationConfigurer<H> withObjectPostProcessor(
-			org.springframework.security.config.annotation.ObjectPostProcessor<?> objectPostProcessor) {
-		addObjectPostProcessor(objectPostProcessor);
-		return this;
-	}
-
 	/**
 	 * Creates the default {@link AccessDecisionVoter} instances used if an
 	 * {@link AccessDecisionManager} was not specified.
diff --git a/config/src/test/java/org/springframework/security/SerializationSamples.java b/config/src/test/java/org/springframework/security/SerializationSamples.java
index d120a6ebd0..fe9f75cd50 100644
--- a/config/src/test/java/org/springframework/security/SerializationSamples.java
+++ b/config/src/test/java/org/springframework/security/SerializationSamples.java
@@ -343,13 +343,6 @@ final class SerializationSamples {
 		generatorByClassName.put(Jwt.class, (r) -> TestJwts.user());
 
 		// oauth2-resource-server
-		generatorByClassName
-			.put(org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken.class, (r) -> {
-				var token = new org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken(
-						"token");
-				token.setDetails(details);
-				return token;
-			});
 		generatorByClassName.put(BearerTokenAuthenticationToken.class, (r) -> {
 			var token = new BearerTokenAuthenticationToken("token");
 			token.setDetails(details);
diff --git a/config/src/test/java/org/springframework/security/config/annotation/ObjectPostProcessorTests.java b/config/src/test/java/org/springframework/security/config/annotation/ObjectPostProcessorTests.java
index 8a23aaab2f..0bc223338e 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/ObjectPostProcessorTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/ObjectPostProcessorTests.java
@@ -22,6 +22,8 @@ import java.util.List;
 
 import org.junit.jupiter.api.Test;
 
+import org.springframework.security.config.ObjectPostProcessor;
+
 import static org.assertj.core.api.Assertions.assertThatObject;
 
 /**
diff --git a/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken.serialized b/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken.serialized
deleted file mode 100644
index 62d9f91556..0000000000
Binary files a/config/src/test/resources/serialized/6.5.x/org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken.serialized and /dev/null differ
diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/BearerTokenAuthenticationToken.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/BearerTokenAuthenticationToken.java
deleted file mode 100644
index 7251a63090..0000000000
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/BearerTokenAuthenticationToken.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.oauth2.server.resource;
-
-import org.springframework.security.core.SpringSecurityCoreVersion;
-
-/**
- * @deprecated Please use
- * {@link org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken}
- */
-@Deprecated
-public class BearerTokenAuthenticationToken
-		extends org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken {
-
-	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
-
-	/**
-	 * Create a {@code BearerTokenAuthenticationToken} using the provided parameter(s)
-	 * @param token - the bearer token
-	 */
-	public BearerTokenAuthenticationToken(String token) {
-		super(token);
-	}
-
-}
diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationFilter.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationFilter.java
deleted file mode 100644
index fd8b04b870..0000000000
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationFilter.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.oauth2.server.resource.web;
-
-import jakarta.servlet.http.HttpServletRequest;
-
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationManagerResolver;
-
-/**
- * @deprecated Use
- * {@link org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter}
- * instead
- */
-@Deprecated
-public final class BearerTokenAuthenticationFilter
-		extends org.springframework.security.oauth2.server.resource.web.authentication.BearerTokenAuthenticationFilter {
-
-	/**
-	 * Construct a {@code BearerTokenAuthenticationFilter} using the provided parameter(s)
-	 * @param authenticationManagerResolver
-	 */
-	public BearerTokenAuthenticationFilter(
-			AuthenticationManagerResolver<HttpServletRequest> authenticationManagerResolver) {
-		super(authenticationManagerResolver);
-	}
-
-	/**
-	 * Construct a {@code BearerTokenAuthenticationFilter} using the provided parameter(s)
-	 * @param authenticationManager
-	 */
-	public BearerTokenAuthenticationFilter(AuthenticationManager authenticationManager) {
-		super(authenticationManager);
-	}
-
-}