It seems like it’s one of the “breaking changes” Spring Boot 2.0 introduced. I believe that your case is described in Spring Boot 2.0 Migration Guide.
In your WebSecurityConfigurerAdapter class you need to override authenticationManagerBean method and annotate it with @Bean, i.e.:
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}