root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Make web security config require spring-security-web on classpath 

Previously, SpringBootWebSecurityConfiguration required a web
application and @EnableWebSecurity to be on the classpath.
@EnableWebSecurity is in spring-security-config so this could lead
to the configuration being active when spring-security-web isn't
on the classpath but the rest of Spring Security is.

This commit updates SpringBootWebSecurityConfiguration to also make it
conditional on a class in spring-security-web.

Fixes gh-2717
This commit is contained in:
Andy Wilkinson 2015-03-25 17:22:30 +00:00
parent 60c1a150b3
commit 219317e8c7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java
View File

@ -87,7 +87,7 @@ import org.springframework.web.servlet.support.RequestDataValueProcessor;
*/
@Configuration
@EnableConfigurationProperties
@ConditionalOnClass({ EnableWebSecurity.class })
@ConditionalOnClass({ EnableWebSecurity.class, AuthenticationEntryPoint.class })
@ConditionalOnMissingBean(WebSecurityConfiguration.class)
@ConditionalOnWebApplication
public class SpringBootWebSecurityConfiguration {