root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Discontinue use of deprecated @EnableWebMvcSecurity

This commit is contained in:
Dave Syer 2015-06-08 13:24:03 +01:00
parent a226005f94
commit 8590950d70
1 changed files with 1 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SpringBootWebSecurityConfiguration.java
View File

@ -29,7 +29,6 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.security.SecurityProperties.Headers;
@ -49,7 +48,6 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
@ -57,7 +55,6 @@ import org.springframework.security.web.header.writers.HstsHeaderWriter;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.support.RequestDataValueProcessor;
/**
* {@link EnableAutoConfiguration Auto-configuration} for security of a web application or
@ -89,6 +86,7 @@ import org.springframework.web.servlet.support.RequestDataValueProcessor;
@ConditionalOnClass({ EnableWebSecurity.class, AuthenticationEntryPoint.class })
@ConditionalOnMissingBean(WebSecurityConfiguration.class)
@ConditionalOnWebApplication
@EnableWebSecurity
public class SpringBootWebSecurityConfiguration {
private static List<String> DEFAULT_IGNORED = Arrays.asList("/css/**", "/js/**",
@ -184,30 +182,6 @@ public class SpringBootWebSecurityConfiguration {
}
// Pull in @EnableWebMvcSecurity if Spring MVC is available and no-one defined a
// RequestDataValueProcessor
@ConditionalOnClass(RequestDataValueProcessor.class)
@ConditionalOnMissingBean(RequestDataValueProcessor.class)
@Configuration
protected static class WebMvcSecurityConfigurationConditions {
@Configuration
@EnableWebMvcSecurity
protected static class DefaultWebMvcSecurityConfiguration {
}
}
// Pull in a plain @EnableWebSecurity if Spring MVC is not available
@ConditionalOnMissingBean(WebMvcSecurityConfigurationConditions.class)
@ConditionalOnMissingClass("org.springframework.web.servlet.support.RequestDataValueProcessor")
@Configuration
@EnableWebSecurity
protected static class DefaultWebSecurityConfiguration {
}
@Configuration
@ConditionalOnProperty(prefix = "security.basic", name = "enabled", havingValue = "false")
@Order(SecurityProperties.BASIC_AUTH_ORDER)