Merge branch '2.7.x' into main
This commit is contained in:
Scott Frederick
commit
cb69d01e04
|
|
@ -44,7 +44,6 @@ import org.springframework.boot.web.servlet.context.AnnotationConfigServletWebSe
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.test.web.reactive.server.WebTestClient;
|
import org.springframework.test.web.reactive.server.WebTestClient;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -172,8 +171,9 @@ abstract class AbstractEndpointRequestIntegrationTests {
|
||||||
static class SecurityConfiguration {
|
static class SecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
@SuppressWarnings("deprecation")
|
||||||
return new WebSecurityConfigurerAdapter() {
|
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
||||||
|
return new org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter() {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,6 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
import org.springframework.mock.web.MockServletContext;
|
import org.springframework.mock.web.MockServletContext;
|
||||||
import org.springframework.security.config.Customizer;
|
import org.springframework.security.config.Customizer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.web.FilterChainProxy;
|
import org.springframework.security.web.FilterChainProxy;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
|
@ -174,7 +173,9 @@ class ManagementWebSecurityAutoConfigurationTests {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
static class CustomSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
@SuppressWarnings("deprecation")
|
||||||
|
static class CustomSecurityConfiguration
|
||||||
|
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,6 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||||
import org.springframework.context.annotation.Condition;
|
import org.springframework.context.annotation.Condition;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -41,7 +40,10 @@ class DefaultWebSecurityCondition extends AllNestedConditions {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ConditionalOnMissingBean({ WebSecurityConfigurerAdapter.class, SecurityFilterChain.class })
|
@ConditionalOnMissingBean({
|
||||||
|
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class,
|
||||||
|
SecurityFilterChain.class })
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
static class Beans {
|
static class Beans {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,6 @@ import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.Customizer;
|
import org.springframework.security.config.Customizer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
|
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
|
||||||
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
|
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
|
||||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||||
|
|
@ -32,13 +31,15 @@ import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepo
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@link WebSecurityConfigurerAdapter} to add OAuth client support.
|
* {@link org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter}
|
||||||
|
* to add OAuth client support.
|
||||||
*
|
*
|
||||||
* @author Madhura Bhave
|
* @author Madhura Bhave
|
||||||
* @author Phillip Webb
|
* @author Phillip Webb
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
@ConditionalOnBean(ClientRegistrationRepository.class)
|
@ConditionalOnBean(ClientRegistrationRepository.class)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
class OAuth2WebSecurityConfiguration {
|
class OAuth2WebSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,6 @@ import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Conditional;
|
import org.springframework.context.annotation.Conditional;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||||
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
|
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
|
||||||
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
import org.springframework.security.oauth2.jwt.JwtDecoder;
|
||||||
|
|
@ -44,7 +43,8 @@ import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Configures a {@link JwtDecoder} when a JWK Set URI, OpenID Connect Issuer URI or Public
|
* Configures a {@link JwtDecoder} when a JWK Set URI, OpenID Connect Issuer URI or Public
|
||||||
* Key configuration is available. Also configures a {@link WebSecurityConfigurerAdapter}
|
* Key configuration is available. Also configures a
|
||||||
|
* {@link org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter}
|
||||||
* if a {@link JwtDecoder} bean is found.
|
* if a {@link JwtDecoder} bean is found.
|
||||||
*
|
*
|
||||||
* @author Madhura Bhave
|
* @author Madhura Bhave
|
||||||
|
|
@ -52,6 +52,7 @@ import org.springframework.security.web.SecurityFilterChain;
|
||||||
* @author HaiTao Zhang
|
* @author HaiTao Zhang
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
class OAuth2ResourceServerJwtConfiguration {
|
class OAuth2ResourceServerJwtConfiguration {
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,6 @@ import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2Res
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||||
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
||||||
import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector;
|
import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector;
|
||||||
|
|
@ -32,12 +31,14 @@ import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Configures a {@link OpaqueTokenIntrospector} when a token introspection endpoint is
|
* Configures a {@link OpaqueTokenIntrospector} when a token introspection endpoint is
|
||||||
* available. Also configures a {@link WebSecurityConfigurerAdapter} if a
|
* available. Also configures a
|
||||||
* {@link OpaqueTokenIntrospector} bean is found.
|
* {@link org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter}
|
||||||
|
* if a {@link OpaqueTokenIntrospector} bean is found.
|
||||||
*
|
*
|
||||||
* @author Madhura Bhave
|
* @author Madhura Bhave
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
class OAuth2ResourceServerOpaqueTokenConfiguration {
|
class OAuth2ResourceServerOpaqueTokenConfiguration {
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
|
|
|
||||||
|
|
@ -21,19 +21,19 @@ import org.springframework.boot.autoconfigure.security.ConditionalOnDefaultWebSe
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@link WebSecurityConfigurerAdapter} configuration for Spring Security's relying party
|
* {@link org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter}
|
||||||
* SAML support.
|
* configuration for Spring Security's relying party SAML support.
|
||||||
*
|
*
|
||||||
* @author Madhura Bhave
|
* @author Madhura Bhave
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
@ConditionalOnDefaultWebSecurity
|
@ConditionalOnDefaultWebSecurity
|
||||||
@ConditionalOnBean(RelyingPartyRegistrationRepository.class)
|
@ConditionalOnBean(RelyingPartyRegistrationRepository.class)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
class Saml2LoginConfiguration {
|
class Saml2LoginConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|
|
||||||
|
|
@ -24,14 +24,14 @@ import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.core.annotation.Order;
|
import org.springframework.core.annotation.Order;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The default configuration for web security. It relies on Spring Security's
|
* The default configuration for web security. It relies on Spring Security's
|
||||||
* content-negotiation strategy to determine what sort of authentication to use. If the
|
* content-negotiation strategy to determine what sort of authentication to use. If the
|
||||||
* user specifies their own {@link WebSecurityConfigurerAdapter} or
|
* user specifies their own
|
||||||
* {@link SecurityFilterChain} bean, this will back-off completely and the users should
|
* {@link org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter}
|
||||||
|
* or {@link SecurityFilterChain} bean, this will back-off completely and the users should
|
||||||
* specify all the bits that they want to configure as part of the custom security
|
* specify all the bits that they want to configure as part of the custom security
|
||||||
* configuration.
|
* configuration.
|
||||||
*
|
*
|
||||||
|
|
@ -40,6 +40,7 @@ import org.springframework.security.web.SecurityFilterChain;
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
@ConditionalOnDefaultWebSecurity
|
@ConditionalOnDefaultWebSecurity
|
||||||
@ConditionalOnWebApplication(type = Type.SERVLET)
|
@ConditionalOnWebApplication(type = Type.SERVLET)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
class SpringBootWebSecurityConfiguration {
|
class SpringBootWebSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,6 @@ import org.springframework.context.annotation.Import;
|
||||||
import org.springframework.security.config.BeanIds;
|
import org.springframework.security.config.BeanIds;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
|
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
|
||||||
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
|
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
|
||||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||||
|
|
@ -230,7 +229,9 @@ class OAuth2WebSecurityConfigurationTests {
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
@Import(ClientRegistrationRepositoryConfiguration.class)
|
@Import(ClientRegistrationRepositoryConfiguration.class)
|
||||||
static class TestWebSecurityConfigurerConfig extends WebSecurityConfigurerAdapter {
|
@SuppressWarnings("deprecation")
|
||||||
|
static class TestWebSecurityConfigurerConfig
|
||||||
|
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,6 @@ import org.springframework.core.io.Resource;
|
||||||
import org.springframework.security.config.BeanIds;
|
import org.springframework.security.config.BeanIds;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||||
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
|
import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
|
||||||
|
|
@ -281,8 +280,9 @@ class Saml2RelyingPartyAutoConfigurationTests {
|
||||||
static class WebSecurityConfigurerAdapterConfiguration {
|
static class WebSecurityConfigurerAdapterConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
@SuppressWarnings("deprecation")
|
||||||
return new WebSecurityConfigurerAdapter() {
|
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
||||||
|
return new org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter() {
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,6 @@ import org.springframework.security.authentication.DefaultAuthenticationEventPub
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.AuthenticationException;
|
||||||
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
|
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
|
||||||
|
|
@ -102,9 +101,12 @@ class SecurityAutoConfigurationTests {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
void securityConfigurerBacksOffWhenOtherWebSecurityAdapterBeanPresent() {
|
void securityConfigurerBacksOffWhenOtherWebSecurityAdapterBeanPresent() {
|
||||||
this.contextRunner.withUserConfiguration(WebSecurity.class).run((context) -> {
|
this.contextRunner.withUserConfiguration(WebSecurity.class).run((context) -> {
|
||||||
assertThat(context.getBeansOfType(WebSecurityConfigurerAdapter.class).size()).isEqualTo(1);
|
assertThat(context.getBeansOfType(
|
||||||
|
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
|
||||||
|
.size()).isEqualTo(1);
|
||||||
assertThat(context.containsBean("securityAutoConfigurationTests.WebSecurity")).isTrue();
|
assertThat(context.containsBean("securityAutoConfigurationTests.WebSecurity")).isTrue();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
@ -285,7 +287,9 @@ class SecurityAutoConfigurationTests {
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
static class WebSecurity extends WebSecurityConfigurerAdapter {
|
@SuppressWarnings("deprecation")
|
||||||
|
static class WebSecurity
|
||||||
|
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,6 @@ import org.springframework.security.authentication.TestingAuthenticationProvider
|
||||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.core.userdetails.User;
|
import org.springframework.security.core.userdetails.User;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
@ -270,8 +269,9 @@ class UserDetailsServiceAutoConfigurationTests {
|
||||||
static class TestConfigWithAuthenticationManagerBuilder {
|
static class TestConfigWithAuthenticationManagerBuilder {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
@SuppressWarnings("deprecation")
|
||||||
return new WebSecurityConfigurerAdapter() {
|
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter webSecurityConfigurerAdapter() {
|
||||||
|
return new org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter() {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
auth.inMemoryAuthentication().withUser("hero").password("{noop}hero").roles("HERO", "USER").and()
|
auth.inMemoryAuthentication().withUser("hero").password("{noop}hero").roles("HERO", "USER").and()
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,6 @@ import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.core.annotation.Order;
|
import org.springframework.core.annotation.Order;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
|
||||||
|
|
@ -48,7 +47,8 @@ class RemoteDevtoolsSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Order(SecurityProperties.BASIC_AUTH_ORDER - 1)
|
@Order(SecurityProperties.BASIC_AUTH_ORDER - 1)
|
||||||
@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
|
@ConditionalOnMissingBean(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
|
||||||
|
@SuppressWarnings("deprecation")
|
||||||
SecurityFilterChain devtoolsSecurityFilterChain(HttpSecurity http) throws Exception {
|
SecurityFilterChain devtoolsSecurityFilterChain(HttpSecurity http) throws Exception {
|
||||||
http.requestMatcher(new AntPathRequestMatcher(this.url)).authorizeRequests().anyRequest().anonymous().and()
|
http.requestMatcher(new AntPathRequestMatcher(this.url)).authorizeRequests().anyRequest().anonymous().and()
|
||||||
.csrf().disable();
|
.csrf().disable();
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,6 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
||||||
import org.springframework.mock.web.MockServletContext;
|
import org.springframework.mock.web.MockServletContext;
|
||||||
import org.springframework.security.config.BeanIds;
|
import org.springframework.security.config.BeanIds;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.test.web.servlet.MockMvc;
|
import org.springframework.test.web.servlet.MockMvc;
|
||||||
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
|
||||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||||
|
|
@ -272,7 +271,9 @@ class RemoteDevToolsAutoConfigurationTests {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
@Configuration(proxyBeanMethods = false)
|
||||||
static class TestWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
|
@SuppressWarnings("deprecation")
|
||||||
|
static class TestWebSecurityConfigurerAdapter
|
||||||
|
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,6 @@ import org.springframework.core.type.classreading.MetadataReader;
|
||||||
import org.springframework.core.type.classreading.MetadataReaderFactory;
|
import org.springframework.core.type.classreading.MetadataReaderFactory;
|
||||||
import org.springframework.core.type.classreading.SimpleMetadataReaderFactory;
|
import org.springframework.core.type.classreading.SimpleMetadataReaderFactory;
|
||||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.web.SecurityFilterChain;
|
import org.springframework.security.web.SecurityFilterChain;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.stereotype.Repository;
|
import org.springframework.stereotype.Repository;
|
||||||
|
|
@ -205,7 +204,9 @@ class WebMvcTypeExcludeFilterTests {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static class ExampleWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
@SuppressWarnings("deprecation")
|
||||||
|
static class ExampleWebSecurityConfigurer
|
||||||
|
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue