Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration

It seems like it's one of the "breaking changes" Spring Boot 2.0 introduced. I believe that your case is described in Spring Boot 2.0 Migration Guide.

In your WebSecurityConfigurerAdapter class you need to override authenticationManagerBean method and annotate it with @Bean, i.e.:

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

Moreover, in your WebSecurityConfigurerAdapter instead of injecting the AuthenticationManager instance with @Autowired you can just use the authenticationManagerBean() method, i.e.:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception 
{
    auth.parentAuthenticationManager(authenticationManagerBean());
        .userDetailsService(customUserDetailsService);
}