diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java index 355131b129..2bbf5647da 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2017 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,6 +73,6 @@ public @interface EnableReactiveMethodSecurity { * used. * @since 5.8 */ - boolean useAuthorizationManager() default false; + boolean useAuthorizationManager() default true; } diff --git a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java index 8e33e68279..cd0647fd23 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -78,8 +78,7 @@ public class EnableReactiveMethodSecurityTests { .withMessage("The returnType class java.lang.String on public abstract java.lang.String " + "org.springframework.security.config.annotation.method.configuration.ReactiveMessageService" + ".notPublisherPreAuthorizeFindById(long) must return an instance of org.reactivestreams" - + ".Publisher (i.e. Mono / Flux) or the function must be a Kotlin coroutine " - + "function in order to support Reactor Context"); + + ".Publisher (for example, a Mono or Flux) in order to support Reactor Context"); } @Test diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests.kt similarity index 96% rename from config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityTests.kt rename to config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests.kt index 51613be92d..0ea704fe34 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests.kt @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -38,7 +38,8 @@ import org.springframework.test.context.junit.jupiter.SpringExtension @ExtendWith(SpringExtension::class) @ContextConfiguration -class KotlinEnableReactiveMethodSecurityTests { +// no authorization manager due to https://github.com/spring-projects/spring-security/issues/12080 +class KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests { private lateinit var delegate: KotlinReactiveMessageService @@ -211,7 +212,7 @@ class KotlinEnableReactiveMethodSecurityTests { } @Configuration - @EnableReactiveMethodSecurity + @EnableReactiveMethodSecurity(useAuthorizationManager = false) open class Config { var delegate = mockk()