root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Remove unnecessary throws Exception from spring-security-config 

Closes gh-17957
This commit is contained in:
Rob Winch 2025-09-25 11:48:10 -05:00
parent be20201bf7
commit 667cd4aa7c
No known key found for this signature in database
56 changed files with 204 additions and 307 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
View File

@ -96,10 +96,10 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
} }
/** /**
* Similar to {@link #build()} and {@link #getObject()} but checks the state to * Similar to {@link SecurityBuilder#build()} and {@link #getObject()} but checks the
* determine if {@link #build()} needs to be called first. * state to determine if {@link SecurityBuilder#build()} needs to be called first.
* @return the result of {@link #build()} or {@link #getObject()}. If an error occurs * @return the result of {@link SecurityBuilder#build()} or {@link #getObject()}. If
* while building, returns null. * an error occurs while building, returns null.
*/ */
public O getOrBuild() { public O getOrBuild() {
if (!isUnbuilt()) { if (!isUnbuilt()) {
@ -122,7 +122,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* @return the {@link SecurityConfigurerAdapter} for further customizations * @return the {@link SecurityConfigurerAdapter} for further customizations
* @throws Exception * @throws Exception
*/ */
public <C extends SecurityConfigurer<O, B>> C apply(C configurer) throws Exception { public <C extends SecurityConfigurer<O, B>> C apply(C configurer) {
add(configurer); add(configurer);
return configurer; return configurer;
} }
@ -145,7 +145,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* @throws Exception * @throws Exception
* @since 7.0 * @since 7.0
*/ */
public <C extends SecurityConfigurerAdapter<O, B>> B with(C configurer) throws Exception { public <C extends SecurityConfigurerAdapter<O, B>> B with(C configurer) {
return with(configurer, Customizer.withDefaults()); return with(configurer, Customizer.withDefaults());
} }
@ -158,7 +158,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* @since 6.2 * @since 6.2
*/ */
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public <C extends SecurityConfigurerAdapter<O, B>> B with(C configurer, Customizer<C> customizer) throws Exception { public <C extends SecurityConfigurerAdapter<O, B>> B with(C configurer, Customizer<C> customizer) {
configurer.addObjectPostProcessor(this.objectPostProcessor); configurer.addObjectPostProcessor(this.objectPostProcessor);
configurer.setBuilder((B) this); configurer.setBuilder((B) this);
add(configurer); add(configurer);
@ -326,7 +326,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* </ul> * </ul>
*/ */
@Override @Override
protected final O doBuild() throws Exception { protected final O doBuild() {
synchronized (this.configurers) { synchronized (this.configurers) {
this.buildState = BuildState.INITIALIZING; this.buildState = BuildState.INITIALIZING;
beforeInit(); beforeInit();
@ -346,7 +346,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* method. Subclasses may override this method to hook into the lifecycle without * method. Subclasses may override this method to hook into the lifecycle without
* using a {@link SecurityConfigurer}. * using a {@link SecurityConfigurer}.
*/ */
protected void beforeInit() throws Exception { protected void beforeInit() {
} }
/** /**
@ -355,17 +355,17 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* override this method to hook into the lifecycle without using a * override this method to hook into the lifecycle without using a
* {@link SecurityConfigurer}. * {@link SecurityConfigurer}.
*/ */
protected void beforeConfigure() throws Exception { protected void beforeConfigure() {
} }
/** /**
* Subclasses must implement this method to build the object that is being returned. * Subclasses must implement this method to build the object that is being returned.
* @return the Object to be buit or null if the implementation allows it * @return the Object to be buit or null if the implementation allows it
*/ */
protected abstract O performBuild() throws Exception; protected abstract O performBuild();
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
private void init() throws Exception { private void init() {
Collection<SecurityConfigurer<O, B>> configurers = getConfigurers(); Collection<SecurityConfigurer<O, B>> configurers = getConfigurers();
for (SecurityConfigurer<O, B> configurer : configurers) { for (SecurityConfigurer<O, B> configurer : configurers) {
configurer.init((B) this); configurer.init((B) this);
@ -380,7 +380,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
} }
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
private void configure() throws Exception { private void configure() {
Collection<SecurityConfigurer<O, B>> configurers = getConfigurers(); Collection<SecurityConfigurer<O, B>> configurers = getConfigurers();
for (SecurityConfigurer<O, B> configurer : configurers) { for (SecurityConfigurer<O, B> configurer : configurers) {
configurer.configure((B) this); configurer.configure((B) this);

6
config/src/main/java/org/springframework/security/config/annotation/AbstractSecurityBuilder.java
View File

@ -33,7 +33,7 @@ public abstract class AbstractSecurityBuilder<O> implements SecurityBuilder<O> {
private O object; private O object;
@Override @Override
public final O build() throws Exception { public final O build() {
if (this.building.compareAndSet(false, true)) { if (this.building.compareAndSet(false, true)) {
this.object = doBuild(); this.object = doBuild();
return this.object; return this.object;
@ -55,9 +55,9 @@ public abstract class AbstractSecurityBuilder<O> implements SecurityBuilder<O> {
/** /**
* Subclasses should implement this to perform the build. * Subclasses should implement this to perform the build.
* @return the object that should be returned by {@link #build()}. * @return the object that should be returned by {@link SecurityBuilder#build()}.
* @throws Exception if an error occurs * @throws Exception if an error occurs
*/ */
protected abstract O doBuild() throws Exception; protected abstract O doBuild();
} }

2
config/src/main/java/org/springframework/security/config/annotation/AlreadyBuiltException.java
View File

@ -17,7 +17,7 @@
package org.springframework.security.config.annotation; package org.springframework.security.config.annotation;
/** /**
* Thrown when {@link AbstractSecurityBuilder#build()} is two or more times. * Thrown when {@link SecurityBuilder#build()} is two or more times.
* *
* @author Rob Winch * @author Rob Winch
* @since 3.2 * @since 3.2

2
config/src/main/java/org/springframework/security/config/annotation/SecurityBuilder.java
View File

@ -30,6 +30,6 @@ public interface SecurityBuilder<O> {
* @return the Object to be built or null if the implementation allows it. * @return the Object to be built or null if the implementation allows it.
* @throws Exception if an error occurred when building the Object * @throws Exception if an error occurred when building the Object
*/ */
O build() throws Exception; O build();
} }

4
config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurer.java
View File

@ -38,7 +38,7 @@ public interface SecurityConfigurer<O, B extends SecurityBuilder<O>> {
* @param builder * @param builder
* @throws Exception * @throws Exception
*/ */
void init(B builder) throws Exception; void init(B builder);
/** /**
* Configure the {@link SecurityBuilder} by setting the necessary properties on the * Configure the {@link SecurityBuilder} by setting the necessary properties on the
@ -46,6 +46,6 @@ public interface SecurityConfigurer<O, B extends SecurityBuilder<O>> {
* @param builder * @param builder
* @throws Exception * @throws Exception
*/ */
void configure(B builder) throws Exception; void configure(B builder);
} }

4
config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
View File

@ -44,11 +44,11 @@ public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>>
private CompositeObjectPostProcessor objectPostProcessor = new CompositeObjectPostProcessor(); private CompositeObjectPostProcessor objectPostProcessor = new CompositeObjectPostProcessor();
@Override @Override
public void init(B builder) throws Exception { public void init(B builder) {
} }
@Override @Override
public void configure(B builder) throws Exception { public void configure(B builder) {
} }
/** /**

11
config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
View File

@ -127,8 +127,7 @@ public class AuthenticationManagerBuilder
* the in memory authentication * the in memory authentication
* @throws Exception if an error occurs when adding the in memory authentication * @throws Exception if an error occurs when adding the in memory authentication
*/ */
public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() {
throws Exception {
return apply(new InMemoryUserDetailsManagerConfigurer<>()); return apply(new InMemoryUserDetailsManagerConfigurer<>());
} }
@ -156,7 +155,7 @@ public class AuthenticationManagerBuilder
* JDBC authentication * JDBC authentication
* @throws Exception if an error occurs when adding the JDBC authentication * @throws Exception if an error occurs when adding the JDBC authentication
*/ */
public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() throws Exception { public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() {
return apply(new JdbcUserDetailsManagerConfigurer<>()); return apply(new JdbcUserDetailsManagerConfigurer<>());
} }
@ -177,7 +176,7 @@ public class AuthenticationManagerBuilder
* based authentication * based authentication
*/ */
public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService( public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService(
T userDetailsService) throws Exception { T userDetailsService) {
this.defaultUserDetailsService = userDetailsService; this.defaultUserDetailsService = userDetailsService;
return apply(new DaoAuthenticationConfigurer<>(userDetailsService)); return apply(new DaoAuthenticationConfigurer<>(userDetailsService));
} }
@ -222,7 +221,7 @@ public class AuthenticationManagerBuilder
} }
@Override @Override
protected ProviderManager performBuild() throws Exception { protected ProviderManager performBuild() {
if (!isConfigured()) { if (!isConfigured()) {
this.logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null."); this.logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null.");
return null; return null;
@ -277,7 +276,7 @@ public class AuthenticationManagerBuilder
* @throws Exception if an error occurs * @throws Exception if an error occurs
*/ */
private <C extends UserDetailsAwareConfigurer<AuthenticationManagerBuilder, ? extends UserDetailsService>> C apply( private <C extends UserDetailsAwareConfigurer<AuthenticationManagerBuilder, ? extends UserDetailsService>> C apply(
C configurer) throws Exception { C configurer) {
this.defaultUserDetailsService = configurer.getUserDetailsService(); this.defaultUserDetailsService = configurer.getUserDetailsService();
with(configurer); with(configurer);
return configurer; return configurer;

9
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java
View File

@ -107,7 +107,7 @@ public class AuthenticationConfiguration {
return new InitializeAuthenticationProviderBeanManagerConfigurer(context); return new InitializeAuthenticationProviderBeanManagerConfigurer(context);
} }
public AuthenticationManager getAuthenticationManager() throws Exception { public AuthenticationManager getAuthenticationManager() {
if (this.authenticationManagerInitialized) { if (this.authenticationManagerInitialized) {
return this.authenticationManager; return this.authenticationManager;
} }
@ -274,19 +274,18 @@ public class AuthenticationConfiguration {
} }
@Override @Override
public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() {
throws Exception {
return super.inMemoryAuthentication().passwordEncoder(this.defaultPasswordEncoder); return super.inMemoryAuthentication().passwordEncoder(this.defaultPasswordEncoder);
} }
@Override @Override
public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() throws Exception { public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() {
return super.jdbcAuthentication().passwordEncoder(this.defaultPasswordEncoder); return super.jdbcAuthentication().passwordEncoder(this.defaultPasswordEncoder);
} }
@Override @Override
public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService( public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService(
T userDetailsService) throws Exception { T userDetailsService) {
return super.userDetailsService(userDetailsService).passwordEncoder(this.defaultPasswordEncoder); return super.userDetailsService(userDetailsService).passwordEncoder(this.defaultPasswordEncoder);
} }

4
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/GlobalAuthenticationConfigurerAdapter.java
View File

@ -35,11 +35,11 @@ public abstract class GlobalAuthenticationConfigurerAdapter
implements SecurityConfigurer<AuthenticationManager, AuthenticationManagerBuilder> { implements SecurityConfigurer<AuthenticationManager, AuthenticationManagerBuilder> {
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
} }
@Override @Override
public void configure(AuthenticationManagerBuilder auth) throws Exception { public void configure(AuthenticationManagerBuilder auth) {
} }
} }

2
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/InitializeAuthenticationProviderBeanManagerConfigurer.java
View File

@ -49,7 +49,7 @@ class InitializeAuthenticationProviderBeanManagerConfigurer extends GlobalAuthen
} }
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
auth.apply(new InitializeAuthenticationProviderManagerConfigurer()); auth.apply(new InitializeAuthenticationProviderManagerConfigurer());
} }

4
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/InitializeUserDetailsBeanManagerConfigurer.java
View File

@ -56,7 +56,7 @@ class InitializeUserDetailsBeanManagerConfigurer extends GlobalAuthenticationCon
} }
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
auth.apply(new InitializeUserDetailsManagerConfigurer()); auth.apply(new InitializeUserDetailsManagerConfigurer());
} }
@ -65,7 +65,7 @@ class InitializeUserDetailsBeanManagerConfigurer extends GlobalAuthenticationCon
private final Log logger = LogFactory.getLog(getClass()); private final Log logger = LogFactory.getLog(getClass());
@Override @Override
public void configure(AuthenticationManagerBuilder auth) throws Exception { public void configure(AuthenticationManagerBuilder auth) {
String[] beanNames = InitializeUserDetailsBeanManagerConfigurer.this.context String[] beanNames = InitializeUserDetailsBeanManagerConfigurer.this.context
.getBeanNamesForType(UserDetailsService.class); .getBeanNamesForType(UserDetailsService.class);
if (auth.isConfigured()) { if (auth.isConfigured()) {

10
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
View File

@ -98,7 +98,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
unboundIdPresent = ClassUtils.isPresent(UNBOUNDID_CLASSNAME, classLoader); unboundIdPresent = ClassUtils.isPresent(UNBOUNDID_CLASSNAME, classLoader);
} }
private LdapAuthenticationProvider build() throws Exception { private LdapAuthenticationProvider build() {
BaseLdapPathContextSource contextSource = getContextSource(); BaseLdapPathContextSource contextSource = getContextSource();
LdapAuthenticator ldapAuthenticator = createLdapAuthenticator(contextSource); LdapAuthenticator ldapAuthenticator = createLdapAuthenticator(contextSource);
LdapAuthoritiesPopulator authoritiesPopulator = getLdapAuthoritiesPopulator(); LdapAuthoritiesPopulator authoritiesPopulator = getLdapAuthoritiesPopulator();
@ -172,7 +172,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
* @return the {@link GrantedAuthoritiesMapper} * @return the {@link GrantedAuthoritiesMapper}
* @throws Exception if errors in {@link SimpleAuthorityMapper#afterPropertiesSet()} * @throws Exception if errors in {@link SimpleAuthorityMapper#afterPropertiesSet()}
*/ */
protected GrantedAuthoritiesMapper getAuthoritiesMapper() throws Exception { protected GrantedAuthoritiesMapper getAuthoritiesMapper() {
if (this.authoritiesMapper != null) { if (this.authoritiesMapper != null) {
return this.authoritiesMapper; return this.authoritiesMapper;
} }
@ -381,12 +381,12 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
} }
@Override @Override
public void configure(B builder) throws Exception { public void configure(B builder) {
LdapAuthenticationProvider provider = postProcess(build()); LdapAuthenticationProvider provider = postProcess(build());
builder.authenticationProvider(provider); builder.authenticationProvider(provider);
} }
private BaseLdapPathContextSource getContextSource() throws Exception { private BaseLdapPathContextSource getContextSource() {
if (this.contextSource == null) { if (this.contextSource == null) {
this.contextSource = this.contextSourceBuilder.build(); this.contextSource = this.contextSourceBuilder.build();
} }
@ -554,7 +554,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
return LdapAuthenticationProviderConfigurer.this; return LdapAuthenticationProviderConfigurer.this;
} }
private DefaultSpringSecurityContextSource build() throws Exception { private DefaultSpringSecurityContextSource build() {
if (this.url == null) { if (this.url == null) {
startEmbeddedLdapServer(); startEmbeddedLdapServer();
} }

2
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/JdbcUserDetailsManagerConfigurer.java
View File

@ -150,7 +150,7 @@ public class JdbcUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B
} }
@Override @Override
protected void initUserDetailsService() throws Exception { protected void initUserDetailsService() {
if (!this.initScripts.isEmpty()) { if (!this.initScripts.isEmpty()) {
getDataSourceInit().afterPropertiesSet(); getDataSourceInit().afterPropertiesSet();
} }

2
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java
View File

@ -54,7 +54,7 @@ public class UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>, C
* @throws Exception * @throws Exception
*/ */
@Override @Override
protected void initUserDetailsService() throws Exception { protected void initUserDetailsService() {
for (UserDetailsBuilder userBuilder : this.userBuilders) { for (UserDetailsBuilder userBuilder : this.userBuilders) {
getUserDetailsService().createUser(userBuilder.build()); getUserDetailsService().createUser(userBuilder.build());
} }

2
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
View File

@ -81,7 +81,7 @@ public abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderMana
} }
@Override @Override
public void configure(B builder) throws Exception { public void configure(B builder) {
this.provider = postProcess(this.provider); this.provider = postProcess(this.provider);
builder.authenticationProvider(this.provider); builder.authenticationProvider(this.provider);
} }

4
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/UserDetailsServiceConfigurer.java
View File

@ -43,7 +43,7 @@ public class UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>, C
} }
@Override @Override
public void configure(B builder) throws Exception { public void configure(B builder) {
initUserDetailsService(); initUserDetailsService();
super.configure(builder); super.configure(builder);
} }
@ -52,7 +52,7 @@ public class UserDetailsServiceConfigurer<B extends ProviderManagerBuilder<B>, C
* Allows subclasses to initialize the {@link UserDetailsService}. For example, it * Allows subclasses to initialize the {@link UserDetailsService}. For example, it
* might add users, initialize schema, etc. * might add users, initialize schema, etc.
*/ */
protected void initUserDetailsService() throws Exception { protected void initUserDetailsService() {
} }
} }

258
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

@ -118,7 +118,7 @@ import org.springframework.web.filter.CorsFilter;
* public class FormLoginSecurityConfig { * public class FormLoginSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@ -199,7 +199,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CsrfSecurityConfig { * public class CsrfSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .headers((headers) -&gt; * .headers((headers) -&gt;
* headers * headers
@ -222,7 +222,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CsrfSecurityConfig { * public class CsrfSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .headers((headers) -&gt; headers.disable()); * .headers((headers) -&gt; headers.disable());
* return http.build(); * return http.build();
@ -242,7 +242,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CsrfSecurityConfig { * public class CsrfSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .headers((headers) -&gt; * .headers((headers) -&gt;
* headers * headers
@ -265,7 +265,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CsrfSecurityConfig { * public class CsrfSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .headers((headers) -&gt; * .headers((headers) -&gt;
* headers * headers
@ -277,10 +277,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param headersCustomizer the {@link Customizer} to provide more options for the * @param headersCustomizer the {@link Customizer} to provide more options for the
* {@link HeadersConfigurer} * {@link HeadersConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity headers(Customizer<HeadersConfigurer<HttpSecurity>> headersCustomizer) throws Exception { public HttpSecurity headers(Customizer<HeadersConfigurer<HttpSecurity>> headersCustomizer) {
headersCustomizer.customize(getOrApply(new HeadersConfigurer<>())); headersCustomizer.customize(getOrApply(new HeadersConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -296,7 +295,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CorsSecurityConfig { * public class CorsSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .cors(withDefaults()); * .cors(withDefaults());
* return http.build(); * return http.build();
@ -305,10 +304,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param corsCustomizer the {@link Customizer} to provide more options for the * @param corsCustomizer the {@link Customizer} to provide more options for the
* {@link CorsConfigurer} * {@link CorsConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity cors(Customizer<CorsConfigurer<HttpSecurity>> corsCustomizer) throws Exception { public HttpSecurity cors(Customizer<CorsConfigurer<HttpSecurity>> corsCustomizer) {
corsCustomizer.customize(getOrApply(new CorsConfigurer<>())); corsCustomizer.customize(getOrApply(new CorsConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -329,7 +327,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class SessionManagementSecurityConfig { * public class SessionManagementSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -379,11 +377,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* could return true. * could return true.
* @param sessionManagementCustomizer the {@link Customizer} to provide more options * @param sessionManagementCustomizer the {@link Customizer} to provide more options
* for the {@link SessionManagementConfigurer} * for the {@link SessionManagementConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity sessionManagement( public HttpSecurity sessionManagement(
Customizer<SessionManagementConfigurer<HttpSecurity>> sessionManagementCustomizer) throws Exception { Customizer<SessionManagementConfigurer<HttpSecurity>> sessionManagementCustomizer) {
sessionManagementCustomizer.customize(getOrApply(new SessionManagementConfigurer<>())); sessionManagementCustomizer.customize(getOrApply(new SessionManagementConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -410,7 +407,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class PortMapperSecurityConfig { * public class PortMapperSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .requiresChannel((requiresChannel) -&gt; * .requiresChannel((requiresChannel) -&gt;
* requiresChannel * requiresChannel
@ -438,11 +435,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param portMapperCustomizer the {@link Customizer} to provide more options for the * @param portMapperCustomizer the {@link Customizer} to provide more options for the
* {@link PortMapperConfigurer} * {@link PortMapperConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @see #requiresChannel(Customizer)
* @see #requiresChannel(Customizer)
*/ */
public HttpSecurity portMapper(Customizer<PortMapperConfigurer<HttpSecurity>> portMapperCustomizer) public HttpSecurity portMapper(Customizer<PortMapperConfigurer<HttpSecurity>> portMapperCustomizer) {
throws Exception {
portMapperCustomizer.customize(getOrApply(new PortMapperConfigurer<>())); portMapperCustomizer.customize(getOrApply(new PortMapperConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -463,7 +458,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class JeeSecurityConfig { * public class JeeSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -520,10 +515,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* Servlet Container's documentation. * Servlet Container's documentation.
* @param jeeCustomizer the {@link Customizer} to provide more options for the * @param jeeCustomizer the {@link Customizer} to provide more options for the
* {@link JeeConfigurer} * {@link JeeConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity jee(Customizer<JeeConfigurer<HttpSecurity>> jeeCustomizer) throws Exception { public HttpSecurity jee(Customizer<JeeConfigurer<HttpSecurity>> jeeCustomizer) {
jeeCustomizer.customize(getOrApply(new JeeConfigurer<>())); jeeCustomizer.customize(getOrApply(new JeeConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -543,7 +537,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class X509SecurityConfig { * public class X509SecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -556,10 +550,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param x509Customizer the {@link Customizer} to provide more options for the * @param x509Customizer the {@link Customizer} to provide more options for the
* {@link X509Configurer} * {@link X509Configurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity x509(Customizer<X509Configurer<HttpSecurity>> x509Customizer) throws Exception { public HttpSecurity x509(Customizer<X509Configurer<HttpSecurity>> x509Customizer) {
x509Customizer.customize(getOrApply(new X509Configurer<>())); x509Customizer.customize(getOrApply(new X509Configurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -580,7 +573,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RememberMeSecurityConfig { * public class RememberMeSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -604,11 +597,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param rememberMeCustomizer the {@link Customizer} to provide more options for the * @param rememberMeCustomizer the {@link Customizer} to provide more options for the
* {@link RememberMeConfigurer} * {@link RememberMeConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>> rememberMeCustomizer) public HttpSecurity rememberMe(Customizer<RememberMeConfigurer<HttpSecurity>> rememberMeCustomizer) {
throws Exception {
rememberMeCustomizer.customize(getOrApply(new RememberMeConfigurer<>())); rememberMeCustomizer.customize(getOrApply(new RememberMeConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -629,7 +620,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class AuthorizeUrlsSecurityConfig { * public class AuthorizeUrlsSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@ -665,7 +656,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class AuthorizeUrlsSecurityConfig { * public class AuthorizeUrlsSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .requestMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;) * .requestMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
@ -702,7 +693,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class AuthorizeUrlsSecurityConfig { * public class AuthorizeUrlsSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .requestMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
@ -715,12 +706,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param authorizeHttpRequestsCustomizer the {@link Customizer} to provide more * @param authorizeHttpRequestsCustomizer the {@link Customizer} to provide more
* options for the {@link AuthorizationManagerRequestMatcherRegistry} * options for the {@link AuthorizationManagerRequestMatcherRegistry}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 5.5
* @since 5.5
*/ */
public HttpSecurity authorizeHttpRequests( public HttpSecurity authorizeHttpRequests(
Customizer<AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry> authorizeHttpRequestsCustomizer) Customizer<AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry> authorizeHttpRequestsCustomizer) {
throws Exception {
ApplicationContext context = getContext(); ApplicationContext context = getContext();
authorizeHttpRequestsCustomizer authorizeHttpRequestsCustomizer
.customize(getOrApply(new AuthorizeHttpRequestsConfigurer<>(context)).getRegistry()); .customize(getOrApply(new AuthorizeHttpRequestsConfigurer<>(context)).getRegistry());
@ -744,7 +733,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RequestCacheDisabledSecurityConfig { * public class RequestCacheDisabledSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -759,11 +748,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param requestCacheCustomizer the {@link Customizer} to provide more options for * @param requestCacheCustomizer the {@link Customizer} to provide more options for
* the {@link RequestCacheConfigurer} * the {@link RequestCacheConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity requestCache(Customizer<RequestCacheConfigurer<HttpSecurity>> requestCacheCustomizer) public HttpSecurity requestCache(Customizer<RequestCacheConfigurer<HttpSecurity>> requestCacheCustomizer) {
throws Exception {
requestCacheCustomizer.customize(getOrApply(new RequestCacheConfigurer<>())); requestCacheCustomizer.customize(getOrApply(new RequestCacheConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -783,7 +770,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class ExceptionHandlingSecurityConfig { * public class ExceptionHandlingSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -800,11 +787,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param exceptionHandlingCustomizer the {@link Customizer} to provide more options * @param exceptionHandlingCustomizer the {@link Customizer} to provide more options
* for the {@link ExceptionHandlingConfigurer} * for the {@link ExceptionHandlingConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity exceptionHandling( public HttpSecurity exceptionHandling(
Customizer<ExceptionHandlingConfigurer<HttpSecurity>> exceptionHandlingCustomizer) throws Exception { Customizer<ExceptionHandlingConfigurer<HttpSecurity>> exceptionHandlingCustomizer) {
exceptionHandlingCustomizer.customize(getOrApply(new ExceptionHandlingConfigurer<>())); exceptionHandlingCustomizer.customize(getOrApply(new ExceptionHandlingConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -822,7 +808,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class SecurityContextSecurityConfig { * public class SecurityContextSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .securityContext((securityContext) -&gt; * .securityContext((securityContext) -&gt;
* securityContext * securityContext
@ -834,11 +820,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param securityContextCustomizer the {@link Customizer} to provide more options for * @param securityContextCustomizer the {@link Customizer} to provide more options for
* the {@link SecurityContextConfigurer} * the {@link SecurityContextConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity securityContext(Customizer<SecurityContextConfigurer<HttpSecurity>> securityContextCustomizer) public HttpSecurity securityContext(Customizer<SecurityContextConfigurer<HttpSecurity>> securityContextCustomizer) {
throws Exception {
securityContextCustomizer.customize(getOrApply(new SecurityContextConfigurer<>())); securityContextCustomizer.customize(getOrApply(new SecurityContextConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -854,7 +838,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class ServletApiSecurityConfig { * public class ServletApiSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .servletApi((servletApi) -&gt; * .servletApi((servletApi) -&gt;
* servletApi.disable() * servletApi.disable()
@ -865,11 +849,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param servletApiCustomizer the {@link Customizer} to provide more options for the * @param servletApiCustomizer the {@link Customizer} to provide more options for the
* {@link ServletApiConfigurer} * {@link ServletApiConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity servletApi(Customizer<ServletApiConfigurer<HttpSecurity>> servletApiCustomizer) public HttpSecurity servletApi(Customizer<ServletApiConfigurer<HttpSecurity>> servletApiCustomizer) {
throws Exception {
servletApiCustomizer.customize(getOrApply(new ServletApiConfigurer<>())); servletApiCustomizer.customize(getOrApply(new ServletApiConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -884,7 +866,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class CsrfSecurityConfig { * public class CsrfSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .csrf((csrf) -&gt; csrf.disable()); * .csrf((csrf) -&gt; csrf.disable());
* return http.build(); * return http.build();
@ -893,10 +875,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param csrfCustomizer the {@link Customizer} to provide more options for the * @param csrfCustomizer the {@link Customizer} to provide more options for the
* {@link CsrfConfigurer} * {@link CsrfConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity csrf(Customizer<CsrfConfigurer<HttpSecurity>> csrfCustomizer) throws Exception { public HttpSecurity csrf(Customizer<CsrfConfigurer<HttpSecurity>> csrfCustomizer) {
ApplicationContext context = getContext(); ApplicationContext context = getContext();
csrfCustomizer.customize(getOrApply(new CsrfConfigurer<>(context))); csrfCustomizer.customize(getOrApply(new CsrfConfigurer<>(context)));
return HttpSecurity.this; return HttpSecurity.this;
@ -921,7 +902,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class LogoutSecurityConfig { * public class LogoutSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -951,10 +932,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param logoutCustomizer the {@link Customizer} to provide more options for the * @param logoutCustomizer the {@link Customizer} to provide more options for the
* {@link LogoutConfigurer} * {@link LogoutConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCustomizer) throws Exception { public HttpSecurity logout(Customizer<LogoutConfigurer<HttpSecurity>> logoutCustomizer) {
logoutCustomizer.customize(getOrApply(new LogoutConfigurer<>())); logoutCustomizer.customize(getOrApply(new LogoutConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -977,7 +957,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class AnonymousSecurityConfig { * public class AnonymousSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1014,7 +994,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class AnonymousSecurityConfig { * public class AnonymousSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1041,10 +1021,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param anonymousCustomizer the {@link Customizer} to provide more options for the * @param anonymousCustomizer the {@link Customizer} to provide more options for the
* {@link AnonymousConfigurer} * {@link AnonymousConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity anonymous(Customizer<AnonymousConfigurer<HttpSecurity>> anonymousCustomizer) throws Exception { public HttpSecurity anonymous(Customizer<AnonymousConfigurer<HttpSecurity>> anonymousCustomizer) {
anonymousCustomizer.customize(getOrApply(new AnonymousConfigurer<>())); anonymousCustomizer.customize(getOrApply(new AnonymousConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1067,7 +1046,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class FormLoginSecurityConfig { * public class FormLoginSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1097,7 +1076,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class FormLoginSecurityConfig { * public class FormLoginSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1128,10 +1107,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param formLoginCustomizer the {@link Customizer} to provide more options for the * @param formLoginCustomizer the {@link Customizer} to provide more options for the
* {@link FormLoginConfigurer} * {@link FormLoginConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @see FormLoginConfigurer#loginPage(String)
* @see FormLoginConfigurer#loginPage(String)
*/ */
public HttpSecurity formLogin(Customizer<FormLoginConfigurer<HttpSecurity>> formLoginCustomizer) throws Exception { public HttpSecurity formLogin(Customizer<FormLoginConfigurer<HttpSecurity>> formLoginCustomizer) {
formLoginCustomizer.customize(getOrApply(new FormLoginConfigurer<>())); formLoginCustomizer.customize(getOrApply(new FormLoginConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1177,7 +1155,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class Saml2LoginSecurityConfig { * public class Saml2LoginSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1220,11 +1198,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param saml2LoginCustomizer the {@link Customizer} to provide more options for the * @param saml2LoginCustomizer the {@link Customizer} to provide more options for the
* {@link Saml2LoginConfigurer} * {@link Saml2LoginConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 5.2
* @since 5.2
*/ */
public HttpSecurity saml2Login(Customizer<Saml2LoginConfigurer<HttpSecurity>> saml2LoginCustomizer) public HttpSecurity saml2Login(Customizer<Saml2LoginConfigurer<HttpSecurity>> saml2LoginCustomizer) {
throws Exception {
saml2LoginCustomizer.customize(getOrApply(new Saml2LoginConfigurer<>())); saml2LoginCustomizer.customize(getOrApply(new Saml2LoginConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1266,7 +1242,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Configuration * &#064;Configuration
* public class Saml2LogoutSecurityConfig { * public class Saml2LogoutSecurityConfig {
* &#064;Bean * &#064;Bean
* public SecurityFilterChain web(HttpSecurity http) throws Exception { * public SecurityFilterChain web(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .anyRequest().authenticated() * .anyRequest().authenticated()
@ -1289,11 +1265,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* *
* <p> * <p>
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 5.6
* @since 5.6
*/ */
public HttpSecurity saml2Logout(Customizer<Saml2LogoutConfigurer<HttpSecurity>> saml2LogoutCustomizer) public HttpSecurity saml2Logout(Customizer<Saml2LogoutConfigurer<HttpSecurity>> saml2LogoutCustomizer) {
throws Exception {
saml2LogoutCustomizer.customize(getOrApply(new Saml2LogoutConfigurer<>(getContext()))); saml2LogoutCustomizer.customize(getOrApply(new Saml2LogoutConfigurer<>(getContext())));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1319,7 +1293,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Configuration * &#064;Configuration
* public class Saml2LogoutSecurityConfig { * public class Saml2LogoutSecurityConfig {
* &#064;Bean * &#064;Bean
* public SecurityFilterChain web(HttpSecurity http) throws Exception { * public SecurityFilterChain web(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated()) * .authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
* .saml2Metadata(Customizer.withDefaults()); * .saml2Metadata(Customizer.withDefaults());
@ -1339,11 +1313,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param saml2MetadataConfigurer the {@link Customizer} to provide more options for * @param saml2MetadataConfigurer the {@link Customizer} to provide more options for
* the {@link Saml2MetadataConfigurer} * the {@link Saml2MetadataConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 6.1
* @since 6.1
*/ */
public HttpSecurity saml2Metadata(Customizer<Saml2MetadataConfigurer<HttpSecurity>> saml2MetadataConfigurer) public HttpSecurity saml2Metadata(Customizer<Saml2MetadataConfigurer<HttpSecurity>> saml2MetadataConfigurer) {
throws Exception {
saml2MetadataConfigurer.customize(getOrApply(new Saml2MetadataConfigurer<>(getContext()))); saml2MetadataConfigurer.customize(getOrApply(new Saml2MetadataConfigurer<>(getContext())));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1395,7 +1367,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class OAuth2LoginSecurityConfig { * public class OAuth2LoginSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1435,28 +1407,25 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param oauth2LoginCustomizer the {@link Customizer} to provide more options for the * @param oauth2LoginCustomizer the {@link Customizer} to provide more options for the
* {@link OAuth2LoginConfigurer} * {@link OAuth2LoginConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @see
* @see <a target="_blank" href= * <a target="_blank" href= "https://tools.ietf.org/html/rfc6749#section-4.1">Section
* "https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code * 4.1 Authorization Code Grant</a>
* Grant</a>
* @see <a target="_blank" href= * @see <a target="_blank" href=
* "https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">Section 3.1 * "https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth">Section 3.1
* Authorization Code Flow</a> * Authorization Code Flow</a>
* @see org.springframework.security.oauth2.client.registration.ClientRegistration * @see org.springframework.security.oauth2.client.registration.ClientRegistration
* @see org.springframework.security.oauth2.client.registration.ClientRegistrationRepository * @see org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
*/ */
public HttpSecurity oauth2Login(Customizer<OAuth2LoginConfigurer<HttpSecurity>> oauth2LoginCustomizer) public HttpSecurity oauth2Login(Customizer<OAuth2LoginConfigurer<HttpSecurity>> oauth2LoginCustomizer) {
throws Exception {
oauth2LoginCustomizer.customize(getOrApply(new OAuth2LoginConfigurer<>())); oauth2LoginCustomizer.customize(getOrApply(new OAuth2LoginConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
public OidcLogoutConfigurer<HttpSecurity> oidcLogout() throws Exception { public OidcLogoutConfigurer<HttpSecurity> oidcLogout() {
return getOrApply(new OidcLogoutConfigurer<>()); return getOrApply(new OidcLogoutConfigurer<>());
} }
public HttpSecurity oidcLogout(Customizer<OidcLogoutConfigurer<HttpSecurity>> oidcLogoutCustomizer) public HttpSecurity oidcLogout(Customizer<OidcLogoutConfigurer<HttpSecurity>> oidcLogoutCustomizer) {
throws Exception {
oidcLogoutCustomizer.customize(getOrApply(new OidcLogoutConfigurer<>())); oidcLogoutCustomizer.customize(getOrApply(new OidcLogoutConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1475,7 +1444,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class OAuth2ClientSecurityConfig { * public class OAuth2ClientSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1489,13 +1458,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param oauth2ClientCustomizer the {@link Customizer} to provide more options for * @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
* the {@link OAuth2ClientConfigurer} * the {@link OAuth2ClientConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @see
* @see <a target="_blank" href= * <a target="_blank" href= "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth
* "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization * 2.0 Authorization Framework</a>
* Framework</a>
*/ */
public HttpSecurity oauth2Client(Customizer<OAuth2ClientConfigurer<HttpSecurity>> oauth2ClientCustomizer) public HttpSecurity oauth2Client(Customizer<OAuth2ClientConfigurer<HttpSecurity>> oauth2ClientCustomizer) {
throws Exception {
oauth2ClientCustomizer.customize(getOrApply(new OAuth2ClientConfigurer<>())); oauth2ClientCustomizer.customize(getOrApply(new OAuth2ClientConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1514,7 +1481,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class OAuth2ResourceServerSecurityConfig { * public class OAuth2ResourceServerSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1539,13 +1506,12 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param oauth2ResourceServerCustomizer the {@link Customizer} to provide more * @param oauth2ResourceServerCustomizer the {@link Customizer} to provide more
* options for the {@link OAuth2ResourceServerConfigurer} * options for the {@link OAuth2ResourceServerConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @see
* @see <a target="_blank" href= * <a target="_blank" href= "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth
* "https://tools.ietf.org/html/rfc6749#section-1.1">OAuth 2.0 Authorization * 2.0 Authorization Framework</a>
* Framework</a>
*/ */
public HttpSecurity oauth2ResourceServer( public HttpSecurity oauth2ResourceServer(
Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> oauth2ResourceServerCustomizer) throws Exception { Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> oauth2ResourceServerCustomizer) {
OAuth2ResourceServerConfigurer<HttpSecurity> configurer = getOrApply( OAuth2ResourceServerConfigurer<HttpSecurity> configurer = getOrApply(
new OAuth2ResourceServerConfigurer<>(getContext())); new OAuth2ResourceServerConfigurer<>(getContext()));
this.postProcess(configurer); this.postProcess(configurer);
@ -1558,14 +1524,13 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param oauth2AuthorizationServerCustomizer the {@link Customizer} providing access * @param oauth2AuthorizationServerCustomizer the {@link Customizer} providing access
* to the {@link OAuth2AuthorizationServerConfigurer} for further customizations * to the {@link OAuth2AuthorizationServerConfigurer} for further customizations
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 7.0
* @since 7.0
* @see <a target="_blank" href= * @see <a target="_blank" href=
* "https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-13.html">OAuth 2.1 * "https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-13.html">OAuth 2.1
* Authorization Framework</a> * Authorization Framework</a>
*/ */
public HttpSecurity oauth2AuthorizationServer( public HttpSecurity oauth2AuthorizationServer(
Customizer<OAuth2AuthorizationServerConfigurer> oauth2AuthorizationServerCustomizer) throws Exception { Customizer<OAuth2AuthorizationServerConfigurer> oauth2AuthorizationServerCustomizer) {
oauth2AuthorizationServerCustomizer.customize(getOrApply(new OAuth2AuthorizationServerConfigurer())); oauth2AuthorizationServerCustomizer.customize(getOrApply(new OAuth2AuthorizationServerConfigurer()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1581,7 +1546,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class SecurityConfig { * public class SecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* .anyRequest().authenticated() * .anyRequest().authenticated()
@ -1599,12 +1564,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param oneTimeTokenLoginConfigurerCustomizer the {@link Customizer} to provide more * @param oneTimeTokenLoginConfigurerCustomizer the {@link Customizer} to provide more
* options for the {@link OneTimeTokenLoginConfigurer} * options for the {@link OneTimeTokenLoginConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity oneTimeTokenLogin( public HttpSecurity oneTimeTokenLogin(
Customizer<OneTimeTokenLoginConfigurer<HttpSecurity>> oneTimeTokenLoginConfigurerCustomizer) Customizer<OneTimeTokenLoginConfigurer<HttpSecurity>> oneTimeTokenLoginConfigurerCustomizer) {
throws Exception {
oneTimeTokenLoginConfigurerCustomizer.customize(getOrApply(new OneTimeTokenLoginConfigurer<>(getContext()))); oneTimeTokenLoginConfigurerCustomizer.customize(getOrApply(new OneTimeTokenLoginConfigurer<>(getContext())));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1627,7 +1590,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class ChannelSecurityConfig { * public class ChannelSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1655,13 +1618,11 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param requiresChannelCustomizer the {@link Customizer} to provide more options for * @param requiresChannelCustomizer the {@link Customizer} to provide more options for
* the {@link ChannelSecurityConfigurer.ChannelRequestMatcherRegistry} * the {@link ChannelSecurityConfigurer.ChannelRequestMatcherRegistry}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception
* @deprecated Use {@link #redirectToHttps} * @deprecated Use {@link #redirectToHttps}
*/ */
@Deprecated @Deprecated
public HttpSecurity requiresChannel( public HttpSecurity requiresChannel(
Customizer<ChannelSecurityConfigurer<HttpSecurity>.ChannelRequestMatcherRegistry> requiresChannelCustomizer) Customizer<ChannelSecurityConfigurer<HttpSecurity>.ChannelRequestMatcherRegistry> requiresChannelCustomizer) {
throws Exception {
ApplicationContext context = getContext(); ApplicationContext context = getContext();
requiresChannelCustomizer.customize(getOrApply(new ChannelSecurityConfigurer<>(context)).getRegistry()); requiresChannelCustomizer.customize(getOrApply(new ChannelSecurityConfigurer<>(context)).getRegistry());
return HttpSecurity.this; return HttpSecurity.this;
@ -1683,7 +1644,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RequireHttpsConfig { * public class RequireHttpsConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorize) -&gt; authorize * .authorizeHttpRequests((authorize) -&gt; authorize
* anyRequest().authenticated() * anyRequest().authenticated()
@ -1709,7 +1670,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
*/ */
public HttpSecurity redirectToHttps( public HttpSecurity redirectToHttps(
Customizer<HttpsRedirectConfigurer<HttpSecurity>> httpsRedirectConfigurerCustomizer) throws Exception { Customizer<HttpsRedirectConfigurer<HttpSecurity>> httpsRedirectConfigurerCustomizer) {
httpsRedirectConfigurerCustomizer.customize(getOrApply(new HttpsRedirectConfigurer<>())); httpsRedirectConfigurerCustomizer.customize(getOrApply(new HttpsRedirectConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1729,7 +1690,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class HttpBasicSecurityConfig { * public class HttpBasicSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests((authorizeHttpRequests) -&gt; * .authorizeHttpRequests((authorizeHttpRequests) -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1752,10 +1713,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* </pre> * </pre>
* @param httpBasicCustomizer the {@link Customizer} to provide more options for the * @param httpBasicCustomizer the {@link Customizer} to provide more options for the
* {@link HttpBasicConfigurer} * {@link HttpBasicConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>> httpBasicCustomizer) throws Exception { public HttpSecurity httpBasic(Customizer<HttpBasicConfigurer<HttpSecurity>> httpBasicCustomizer) {
httpBasicCustomizer.customize(getOrApply(new HttpBasicConfigurer<>())); httpBasicCustomizer.customize(getOrApply(new HttpBasicConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1774,7 +1734,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class PasswordManagementSecurityConfig { * public class PasswordManagementSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .authorizeHttpRequests(authorizeHttpRequests -&gt; * .authorizeHttpRequests(authorizeHttpRequests -&gt;
* authorizeHttpRequests * authorizeHttpRequests
@ -1791,11 +1751,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @param passwordManagementCustomizer the {@link Customizer} to provide more options * @param passwordManagementCustomizer the {@link Customizer} to provide more options
* for the {@link PasswordManagementConfigurer} * for the {@link PasswordManagementConfigurer}
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations
* @throws Exception * @ @since 5.6
* @since 5.6
*/ */
public HttpSecurity passwordManagement( public HttpSecurity passwordManagement(
Customizer<PasswordManagementConfigurer<HttpSecurity>> passwordManagementCustomizer) throws Exception { Customizer<PasswordManagementConfigurer<HttpSecurity>> passwordManagementCustomizer) {
passwordManagementCustomizer.customize(getOrApply(new PasswordManagementConfigurer<>())); passwordManagementCustomizer.customize(getOrApply(new PasswordManagementConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -1818,7 +1777,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
} }
@Override @Override
protected void beforeConfigure() throws Exception { protected void beforeConfigure() {
if (this.authenticationManager != null) { if (this.authenticationManager != null) {
setSharedObject(AuthenticationManager.class, this.authenticationManager); setSharedObject(AuthenticationManager.class, this.authenticationManager);
} }
@ -1849,7 +1808,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
} }
@Override @Override
public HttpSecurity userDetailsService(UserDetailsService userDetailsService) throws Exception { public HttpSecurity userDetailsService(UserDetailsService userDetailsService) {
getAuthenticationRegistry().userDetailsService(userDetailsService); getAuthenticationRegistry().userDetailsService(userDetailsService);
return this; return this;
} }
@ -1937,7 +1896,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RequestMatchersSecurityConfig { * public class RequestMatchersSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .securityMatchers((matchers) -&gt; matchers * .securityMatchers((matchers) -&gt; matchers
* .requestMatchers(&quot;/api/**&quot;, &quot;/oauth/**&quot;) * .requestMatchers(&quot;/api/**&quot;, &quot;/oauth/**&quot;)
@ -1969,7 +1928,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RequestMatchersSecurityConfig { * public class RequestMatchersSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .securityMatchers((matchers) -&gt; matchers * .securityMatchers((matchers) -&gt; matchers
* .requestMatchers(&quot;/api/**&quot;) * .requestMatchers(&quot;/api/**&quot;)
@ -2002,7 +1961,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* public class RequestMatchersSecurityConfig { * public class RequestMatchersSecurityConfig {
* *
* &#064;Bean * &#064;Bean
* public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * public SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* .securityMatchers((matchers) -&gt; matchers * .securityMatchers((matchers) -&gt; matchers
* .requestMatchers(&quot;/api/**&quot;) * .requestMatchers(&quot;/api/**&quot;)
@ -2089,7 +2048,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* *
* <pre> * <pre>
* &#064;Bean * &#064;Bean
* SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { * SecurityFilterChain securityFilterChain(HttpSecurity http) {
* http * http
* // ... * // ...
* .webAuthn((webAuthn) -&gt; webAuthn * .webAuthn((webAuthn) -&gt; webAuthn
@ -2101,10 +2060,9 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* } * }
* </pre> * </pre>
* @param webAuthn the customizer to apply * @param webAuthn the customizer to apply
* @return the {@link HttpSecurity} for further customizations * @return the {@link HttpSecurity} for further customizations @
* @throws Exception
*/ */
public HttpSecurity webAuthn(Customizer<WebAuthnConfigurer<HttpSecurity>> webAuthn) throws Exception { public HttpSecurity webAuthn(Customizer<WebAuthnConfigurer<HttpSecurity>> webAuthn) {
webAuthn.customize(getOrApply(new WebAuthnConfigurer<>())); webAuthn.customize(getOrApply(new WebAuthnConfigurer<>()));
return HttpSecurity.this; return HttpSecurity.this;
} }
@ -2114,12 +2072,10 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* otherwise apply the new {@link SecurityConfigurerAdapter}. * otherwise apply the new {@link SecurityConfigurerAdapter}.
* @param configurer the {@link SecurityConfigurer} to apply if one is not found for * @param configurer the {@link SecurityConfigurer} to apply if one is not found for
* this {@link SecurityConfigurer} class. * this {@link SecurityConfigurer} class.
* @return the current {@link SecurityConfigurer} for the configurer passed in * @return the current {@link SecurityConfigurer} for the configurer passed in @
* @throws Exception
*/ */
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
private <C extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity>> C getOrApply(C configurer) private <C extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity>> C getOrApply(C configurer) {
throws Exception {
C existingConfig = (C) getConfigurer(configurer.getClass()); C existingConfig = (C) getConfigurer(configurer.getClass());
if (existingConfig != null) { if (existingConfig != null) {
return existingConfig; return existingConfig;

2
config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
View File

@ -302,7 +302,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
} }
@Override @Override
protected Filter performBuild() throws Exception { protected Filter performBuild() {
Assert.state(!this.securityFilterChainBuilders.isEmpty(), Assert.state(!this.securityFilterChainBuilders.isEmpty(),
() -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. " () -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. "
+ "Typically this is done by exposing a SecurityFilterChain bean. " + "Typically this is done by exposing a SecurityFilterChain bean. "

18
config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
View File

@ -112,7 +112,7 @@ class HttpSecurityConfiguration {
@Bean(HTTPSECURITY_BEAN_NAME) @Bean(HTTPSECURITY_BEAN_NAME)
@Scope("prototype") @Scope("prototype")
HttpSecurity httpSecurity() throws Exception { HttpSecurity httpSecurity() {
LazyPasswordEncoder passwordEncoder = new LazyPasswordEncoder(this.context); LazyPasswordEncoder passwordEncoder = new LazyPasswordEncoder(this.context);
AuthenticationManagerBuilder authenticationBuilder = new DefaultPasswordEncoderAuthenticationManagerBuilder( AuthenticationManagerBuilder authenticationBuilder = new DefaultPasswordEncoderAuthenticationManagerBuilder(
this.objectPostProcessor, passwordEncoder); this.objectPostProcessor, passwordEncoder);
@ -142,13 +142,13 @@ class HttpSecurityConfiguration {
return http; return http;
} }
private void applyCorsIfAvailable(HttpSecurity http) throws Exception { private void applyCorsIfAvailable(HttpSecurity http) {
if (this.context.getBeanNamesForType(UrlBasedCorsConfigurationSource.class).length > 0) { if (this.context.getBeanNamesForType(UrlBasedCorsConfigurationSource.class).length > 0) {
http.cors(withDefaults()); http.cors(withDefaults());
} }
} }
private AuthenticationManager authenticationManager() throws Exception { private AuthenticationManager authenticationManager() {
return this.authenticationConfiguration.getAuthenticationManager(); return this.authenticationConfiguration.getAuthenticationManager();
} }
@ -159,7 +159,7 @@ class HttpSecurityConfiguration {
return this.objectPostProcessor.postProcess(new DefaultAuthenticationEventPublisher()); return this.objectPostProcessor.postProcess(new DefaultAuthenticationEventPublisher());
} }
private void applyDefaultConfigurers(HttpSecurity http) throws Exception { private void applyDefaultConfigurers(HttpSecurity http) {
ClassLoader classLoader = this.context.getClassLoader(); ClassLoader classLoader = this.context.getClassLoader();
List<AbstractHttpConfigurer> defaultHttpConfigurers = SpringFactoriesLoader List<AbstractHttpConfigurer> defaultHttpConfigurers = SpringFactoriesLoader
.loadFactories(AbstractHttpConfigurer.class, classLoader); .loadFactories(AbstractHttpConfigurer.class, classLoader);
@ -197,8 +197,7 @@ class HttpSecurityConfiguration {
* with the {@link Customizer} Bean as the argument</li> * with the {@link Customizer} Bean as the argument</li>
* </ul> * </ul>
* @param context the {@link ApplicationContext} * @param context the {@link ApplicationContext}
* @param http the {@link HttpSecurity} * @param http the {@link HttpSecurity} @
* @throws Exception
*/ */
private void applyTopLevelCustomizers(ApplicationContext context, HttpSecurity http) { private void applyTopLevelCustomizers(ApplicationContext context, HttpSecurity http) {
ReflectionUtils.MethodFilter isCustomizerMethod = (method) -> { ReflectionUtils.MethodFilter isCustomizerMethod = (method) -> {
@ -266,19 +265,18 @@ class HttpSecurityConfiguration {
} }
@Override @Override
public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication() {
throws Exception {
return super.inMemoryAuthentication().passwordEncoder(this.defaultPasswordEncoder); return super.inMemoryAuthentication().passwordEncoder(this.defaultPasswordEncoder);
} }
@Override @Override
public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() throws Exception { public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() {
return super.jdbcAuthentication().passwordEncoder(this.defaultPasswordEncoder); return super.jdbcAuthentication().passwordEncoder(this.defaultPasswordEncoder);
} }
@Override @Override
public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService( public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService(
T userDetailsService) throws Exception { T userDetailsService) {
return super.userDetailsService(userDetailsService).passwordEncoder(this.defaultPasswordEncoder); return super.userDetailsService(userDetailsService).passwordEncoder(this.defaultPasswordEncoder);
} }

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
View File

@ -232,7 +232,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
} }
@Override @Override
public void init(B http) throws Exception { public void init(B http) {
updateAuthenticationDefaults(); updateAuthenticationDefaults();
updateAccessDefaults(http); updateAccessDefaults(http);
registerDefaultAuthenticationEntryPoint(http); registerDefaultAuthenticationEntryPoint(http);
@ -268,7 +268,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
} }
@Override @Override
public void configure(B http) throws Exception { public void configure(B http) {
PortMapper portMapper = http.getSharedObject(PortMapper.class); PortMapper portMapper = http.getSharedObject(PortMapper.class);
if (portMapper != null) { if (portMapper != null) {
this.authenticationEntryPoint.setPortMapper(portMapper); this.authenticationEntryPoint.setPortMapper(portMapper);

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
View File

@ -229,7 +229,7 @@ public final class FormLoginConfigurer<H extends HttpSecurityBuilder<H>> extends
} }
@Override @Override
public void init(H http) throws Exception { public void init(H http) {
super.init(http); super.init(http);
initDefaultLoginFilter(http); initDefaultLoginFilter(http);
ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class); ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class);

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpsRedirectConfigurer.java
View File

@ -61,7 +61,7 @@ public final class HttpsRedirectConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
HttpsRedirectFilter filter = new HttpsRedirectFilter(); HttpsRedirectFilter filter = new HttpsRedirectFilter();
if (this.requestMatcher != null) { if (this.requestMatcher != null) {
filter.setRequestMatcher(this.requestMatcher); filter.setRequestMatcher(this.requestMatcher);

3
config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java
View File

@ -23,6 +23,7 @@ import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.Customizer; import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.SecurityConfigurer;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever; import org.springframework.security.core.authority.mapping.SimpleMappableAttributesRetriever;
@ -186,7 +187,7 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
* and a {@link Http403ForbiddenEntryPoint} into * and a {@link Http403ForbiddenEntryPoint} into
* {@link HttpSecurityBuilder#setSharedObject(Class, Object)} * {@link HttpSecurityBuilder#setSharedObject(Class, Object)}
* *
* @see org.springframework.security.config.annotation.SecurityConfigurerAdapter#init(org.springframework.security.config.annotation.SecurityBuilder) * @see SecurityConfigurer#init(org.springframework.security.config.annotation.SecurityBuilder)
*/ */
@Override @Override
public void init(H http) { public void init(H http) {

5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
View File

@ -45,7 +45,8 @@ import org.springframework.util.Assert;
/** /**
* Adds logout support. Other {@link SecurityConfigurer} instances may invoke * Adds logout support. Other {@link SecurityConfigurer} instances may invoke
* {@link #addLogoutHandler(LogoutHandler)} in the {@link #init(HttpSecurityBuilder)} * {@link #addLogoutHandler(LogoutHandler)} in the
* {@link SecurityConfigurer#init(org.springframework.security.config.annotation.SecurityBuilder)}
* phase. * phase.
* *
* <h2>Security Filters</h2> * <h2>Security Filters</h2>
@ -288,7 +289,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
LogoutFilter logoutFilter = createLogoutFilter(http); LogoutFilter logoutFilter = createLogoutFilter(http);
http.addFilter(logoutFilter); http.addFilter(logoutFilter);
} }

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/PasswordManagementConfigurer.java
View File

@ -52,7 +52,7 @@ public final class PasswordManagementConfigurer<B extends HttpSecurityBuilder<B>
* {@inheritDoc} * {@inheritDoc}
*/ */
@Override @Override
public void configure(B http) throws Exception { public void configure(B http) {
RequestMatcherRedirectFilter changePasswordFilter = new RequestMatcherRedirectFilter( RequestMatcherRedirectFilter changePasswordFilter = new RequestMatcherRedirectFilter(
getRequestMatcherBuilder().matcher(WELL_KNOWN_CHANGE_PASSWORD_PATTERN), this.changePasswordPage); getRequestMatcherBuilder().matcher(WELL_KNOWN_CHANGE_PASSWORD_PATTERN), this.changePasswordPage);
http.addFilterBefore(postProcess(changePasswordFilter), UsernamePasswordAuthenticationFilter.class); http.addFilterBefore(postProcess(changePasswordFilter), UsernamePasswordAuthenticationFilter.class);

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
View File

@ -268,7 +268,7 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
@Override @Override
public void init(H http) throws Exception { public void init(H http) {
validateInput(); validateInput();
String key = getKey(); String key = getKey();
RememberMeServices rememberMeServices = getRememberMeServices(http, key); RememberMeServices rememberMeServices = getRememberMeServices(http, key);
@ -346,7 +346,7 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link RememberMeServices} to use * @return the {@link RememberMeServices} to use
* @throws Exception * @throws Exception
*/ */
private RememberMeServices getRememberMeServices(H http, String key) throws Exception { private RememberMeServices getRememberMeServices(H http, String key) {
if (this.rememberMeServices != null) { if (this.rememberMeServices != null) {
if (this.rememberMeServices instanceof LogoutHandler && this.logoutHandler == null) { if (this.rememberMeServices instanceof LogoutHandler && this.logoutHandler == null) {
this.logoutHandler = (LogoutHandler) this.rememberMeServices; this.logoutHandler = (LogoutHandler) this.rememberMeServices;

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java
View File

@ -154,7 +154,7 @@ public class WebAuthnConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void init(H http) throws Exception { public void init(H http) {
ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class); ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class);
if (exceptions != null) { if (exceptions != null) {
AuthenticationEntryPoint entryPoint = new LoginUrlAuthenticationEntryPoint("/login"); AuthenticationEntryPoint entryPoint = new LoginUrlAuthenticationEntryPoint("/login");
@ -164,7 +164,7 @@ public class WebAuthnConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
UserDetailsService userDetailsService = getSharedOrBean(http, UserDetailsService.class) UserDetailsService userDetailsService = getSharedOrBean(http, UserDetailsService.class)
.orElseThrow(() -> new IllegalStateException("Missing UserDetailsService Bean")); .orElseThrow(() -> new IllegalStateException("Missing UserDetailsService Bean"));
PublicKeyCredentialUserEntityRepository userEntities = getSharedOrBean(http, PublicKeyCredentialUserEntityRepository userEntities = getSharedOrBean(http,

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -306,7 +306,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
} }
@Override @Override
public void init(B http) throws Exception { public void init(B http) {
OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter( OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter(
this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl); this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl);
RequestMatcher processUri = getRequestMatcherBuilder().matcher(this.loginProcessingUrl); RequestMatcher processUri = getRequestMatcherBuilder().matcher(this.loginProcessingUrl);
@ -377,7 +377,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
} }
@Override @Override
public void configure(B http) throws Exception { public void configure(B http) {
OAuth2AuthorizationRequestRedirectFilter authorizationRequestFilter = new OAuth2AuthorizationRequestRedirectFilter( OAuth2AuthorizationRequestRedirectFilter authorizationRequestFilter = new OAuth2AuthorizationRequestRedirectFilter(
getAuthorizationRequestResolver()); getAuthorizationRequestResolver());
if (this.authorizationEndpointConfig.authorizationRequestRepository != null) { if (this.authorizationEndpointConfig.authorizationRequestRepository != null) {

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutConfigurer.java
View File

@ -112,7 +112,7 @@ public final class OidcLogoutConfigurer<B extends HttpSecurityBuilder<B>>
} }
@Override @Override
public void configure(B builder) throws Exception { public void configure(B builder) {
if (this.backChannel != null) { if (this.backChannel != null) {
this.backChannel.configure(builder); this.backChannel.configure(builder);
} }

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationServerConfigurer.java
View File

@ -295,7 +295,7 @@ public final class OAuth2AuthorizationServerConfigurer
} }
@Override @Override
public void init(HttpSecurity httpSecurity) throws Exception { public void init(HttpSecurity httpSecurity) {
AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils
.getAuthorizationServerSettings(httpSecurity); .getAuthorizationServerSettings(httpSecurity);
validateAuthorizationServerSettings(authorizationServerSettings); validateAuthorizationServerSettings(authorizationServerSettings);

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/ott/OneTimeTokenLoginConfigurer.java
View File

@ -129,7 +129,7 @@ public final class OneTimeTokenLoginConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void init(H http) throws Exception { public void init(H http) {
if (getLoginProcessingUrl() == null) { if (getLoginProcessingUrl() == null) {
loginProcessingUrl(OneTimeTokenAuthenticationFilter.DEFAULT_LOGIN_PROCESSING_URL); loginProcessingUrl(OneTimeTokenAuthenticationFilter.DEFAULT_LOGIN_PROCESSING_URL);
} }
@ -165,7 +165,7 @@ public final class OneTimeTokenLoginConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
super.configure(http); super.configure(http);
configureSubmitPage(http); configureSubmitPage(http);
configureOttGenerateFilter(http); configureOttGenerateFilter(http);

4
config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurer.java
View File

@ -273,7 +273,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
* </ul> * </ul>
*/ */
@Override @Override
public void init(B http) throws Exception { public void init(B http) {
registerDefaultCsrfOverride(http); registerDefaultCsrfOverride(http);
relyingPartyRegistrationRepository(http); relyingPartyRegistrationRepository(http);
this.saml2WebSsoAuthenticationFilter = new Saml2WebSsoAuthenticationFilter(getAuthenticationConverter(http)); this.saml2WebSsoAuthenticationFilter = new Saml2WebSsoAuthenticationFilter(getAuthenticationConverter(http));
@ -316,7 +316,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
* AuthNRequest redirects * AuthNRequest redirects
*/ */
@Override @Override
public void configure(B http) throws Exception { public void configure(B http) {
Saml2WebSsoAuthenticationRequestFilter filter = getAuthenticationRequestFilter(http); Saml2WebSsoAuthenticationRequestFilter filter = getAuthenticationRequestFilter(http);
filter.setAuthenticationRequestRepository(getAuthenticationRequestRepository(http)); filter.setAuthenticationRequestRepository(getAuthenticationRequestRepository(http));
http.addFilter(postProcess(filter)); http.addFilter(postProcess(filter));

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java
View File

@ -199,7 +199,7 @@ public final class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* {@inheritDoc} * {@inheritDoc}
*/ */
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
LogoutConfigurer<H> logout = http.getConfigurer(LogoutConfigurer.class); LogoutConfigurer<H> logout = http.getConfigurer(LogoutConfigurer.class);
if (logout != null) { if (logout != null) {
this.logoutHandlers = logout.getLogoutHandlers(); this.logoutHandlers = logout.getLogoutHandlers();

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2MetadataConfigurer.java
View File

@ -135,7 +135,7 @@ public class Saml2MetadataConfigurer<H extends HttpSecurityBuilder<H>>
} }
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) {
Saml2MetadataResponseResolver metadataResponseResolver = createMetadataResponseResolver(http); Saml2MetadataResponseResolver metadataResponseResolver = createMetadataResponseResolver(http);
http.addFilterBefore(new Saml2MetadataFilter(metadataResponseResolver), BasicAuthenticationFilter.class); http.addFilterBefore(new Saml2MetadataFilter(metadataResponseResolver), BasicAuthenticationFilter.class);
} }

1
config/src/main/kotlin/org/springframework/security/config/annotation/web/HttpSecurityDsl.kt
View File

@ -24,7 +24,6 @@ import org.springframework.core.MethodParameter
import org.springframework.core.ResolvableType import org.springframework.core.ResolvableType
import org.springframework.core.annotation.AnnotationUtils import org.springframework.core.annotation.AnnotationUtils
import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.SecurityConfigurerAdapter import org.springframework.security.config.annotation.SecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository

2
config/src/test/java/org/springframework/security/config/annotation/SecurityConfigurerAdapterClosureTests.java
View File

@ -55,7 +55,7 @@ public class SecurityConfigurerAdapterClosureTests {
private List<Object> list = new ArrayList<>(); private List<Object> list = new ArrayList<>();
@Override @Override
public void configure(SecurityBuilder<Object> builder) throws Exception { public void configure(SecurityBuilder<Object> builder) {
this.list = postProcess(this.list); this.list = postProcess(this.list);
} }

8
config/src/test/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfigurationTests.java
View File

@ -355,7 +355,7 @@ public class AuthenticationConfigurationTests {
static class UserGlobalAuthenticationConfigurerAdapter extends GlobalAuthenticationConfigurerAdapter { static class UserGlobalAuthenticationConfigurerAdapter extends GlobalAuthenticationConfigurerAdapter {
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
auth.inMemoryAuthentication().withUser(PasswordEncodedUser.user()); auth.inMemoryAuthentication().withUser(PasswordEncodedUser.user());
} }
@ -428,7 +428,7 @@ public class AuthenticationConfigurationTests {
static List<Class<?>> configs = new ArrayList<>(); static List<Class<?>> configs = new ArrayList<>();
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
inits.add(getClass()); inits.add(getClass());
} }
@ -454,7 +454,7 @@ public class AuthenticationConfigurationTests {
static class ConfiguresInMemoryConfigurerAdapter extends GlobalAuthenticationConfigurerAdapter { static class ConfiguresInMemoryConfigurerAdapter extends GlobalAuthenticationConfigurerAdapter {
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
// @formatter:off // @formatter:off
auth auth
.inMemoryAuthentication() .inMemoryAuthentication()
@ -468,7 +468,7 @@ public class AuthenticationConfigurationTests {
static class BootGlobalAuthenticationConfigurerAdapter extends DefaultOrderGlobalAuthenticationConfigurerAdapter { static class BootGlobalAuthenticationConfigurerAdapter extends DefaultOrderGlobalAuthenticationConfigurerAdapter {
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
auth.apply(new DefaultBootGlobalAuthenticationConfigurerAdapter()); auth.apply(new DefaultBootGlobalAuthenticationConfigurerAdapter());
} }

2
config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java
View File

@ -453,7 +453,7 @@ public class GlobalMethodSecurityConfigurationTests {
DataSource dataSource; DataSource dataSource;
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
auth.inMemoryAuthentication(); auth.inMemoryAuthentication();
} }

10
config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java
View File

@ -173,7 +173,7 @@ public class AbstractConfiguredSecurityBuilderTests {
extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> { extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> {
@Override @Override
public void init(TestConfiguredSecurityBuilder builder) throws Exception { public void init(TestConfiguredSecurityBuilder builder) {
builder.with(new NestedConfigurer(), Customizer.withDefaults()); builder.with(new NestedConfigurer(), Customizer.withDefaults());
} }
@ -182,7 +182,7 @@ public class AbstractConfiguredSecurityBuilderTests {
private static class NestedConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> { private static class NestedConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> {
@Override @Override
public void init(TestConfiguredSecurityBuilder http) throws Exception { public void init(TestConfiguredSecurityBuilder http) {
http.with(new DoubleNestedConfigurer(), Customizer.withDefaults()); http.with(new DoubleNestedConfigurer(), Customizer.withDefaults());
} }
@ -199,7 +199,7 @@ public class AbstractConfiguredSecurityBuilderTests {
private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER; private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER;
@Override @Override
public void init(TestConfiguredSecurityBuilder builder) throws Exception { public void init(TestConfiguredSecurityBuilder builder) {
builder.apply(CONFIGURER); builder.apply(CONFIGURER);
builder.removeConfigurer(CONFIGURER.getClass()); builder.removeConfigurer(CONFIGURER.getClass());
} }
@ -212,7 +212,7 @@ public class AbstractConfiguredSecurityBuilderTests {
private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER; private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER;
@Override @Override
public void init(TestConfiguredSecurityBuilder builder) throws Exception { public void init(TestConfiguredSecurityBuilder builder) {
builder.apply(CONFIGURER); builder.apply(CONFIGURER);
builder.removeConfigurers(CONFIGURER.getClass()); builder.removeConfigurers(CONFIGURER.getClass());
} }
@ -225,7 +225,7 @@ public class AbstractConfiguredSecurityBuilderTests {
private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER; private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER;
@Override @Override
public void init(TestConfiguredSecurityBuilder builder) throws Exception { public void init(TestConfiguredSecurityBuilder builder) {
builder.apply(CONFIGURER); builder.apply(CONFIGURER);
} }

4
config/src/test/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfigurationTests.java
View File

@ -720,7 +720,7 @@ public class HttpSecurityConfigurationTests {
static class CustomDsl extends AbstractHttpConfigurer<CustomDsl, HttpSecurity> { static class CustomDsl extends AbstractHttpConfigurer<CustomDsl, HttpSecurity> {
@Override @Override
public void init(HttpSecurity http) throws Exception { public void init(HttpSecurity http) {
http.formLogin(FormLoginConfigurer::disable); http.formLogin(FormLoginConfigurer::disable);
} }
@ -824,7 +824,7 @@ public class HttpSecurityConfigurationTests {
static class WithCustomDsl extends AbstractHttpConfigurer<WithCustomDsl, HttpSecurity> { static class WithCustomDsl extends AbstractHttpConfigurer<WithCustomDsl, HttpSecurity> {
@Override @Override
public void init(HttpSecurity builder) throws Exception { public void init(HttpSecurity builder) {
builder.formLogin(Customizer.withDefaults()); builder.formLogin(Customizer.withDefaults());
} }

2
config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java
View File

@ -200,7 +200,7 @@ public class AnonymousConfigurerTests {
static class CustomDsl extends AbstractHttpConfigurer<CustomDsl, HttpSecurity> { static class CustomDsl extends AbstractHttpConfigurer<CustomDsl, HttpSecurity> {
@Override @Override
public void init(HttpSecurity http) throws Exception { public void init(HttpSecurity http) {
http.anonymous((anonymous) -> anonymous.principal("myAnonymousUser")); http.anonymous((anonymous) -> anonymous.principal("myAnonymousUser"));
} }

2
config/src/test/java/org/springframework/security/config/authentication/AuthenticationConfigurationGh3935Tests.java
View File

@ -94,7 +94,7 @@ public class AuthenticationConfigurationGh3935Tests {
} }
@Override @Override
public void init(AuthenticationManagerBuilder auth) throws Exception { public void init(AuthenticationManagerBuilder auth) {
AuthenticationConfiguration configuration = this.context.getBean(AuthenticationConfiguration.class); AuthenticationConfiguration configuration = this.context.getBean(AuthenticationConfiguration.class);
this.authenticationManager = configuration.getAuthenticationManager(); this.authenticationManager = configuration.getAuthenticationManager();
} }

2
config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java
View File

@ -38,7 +38,7 @@ public class CustomConfigurer extends SecurityConfigurerAdapter<DefaultSecurityF
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
@Override @Override
public void init(HttpSecurity http) throws Exception { public void init(HttpSecurity http) {
// autowire this bean // autowire this bean
ApplicationContext context = http.getSharedObject(ApplicationContext.class); ApplicationContext context = http.getSharedObject(ApplicationContext.class);
context.getAutowireCapableBeanFactory().autowireBean(this); context.getAutowireCapableBeanFactory().autowireBean(this);

1
config/src/test/kotlin/org/springframework/security/config/annotation/web/AuthorizeHttpRequestsDslTests.kt
View File

@ -16,7 +16,6 @@
package org.springframework.security.config.annotation.web package org.springframework.security.config.annotation.web
import io.mockk.Called
import io.mockk.every import io.mockk.every
import io.mockk.mockk import io.mockk.mockk
import io.mockk.verify import io.mockk.verify

2
config/src/test/kotlin/org/springframework/security/config/annotation/web/OidcLogoutDslTests.kt
View File

@ -24,11 +24,9 @@ import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configurers.oauth2.client.OidcBackChannelLogoutHandler import org.springframework.security.config.annotation.web.configurers.oauth2.client.OidcBackChannelLogoutHandler
import org.springframework.security.config.annotation.web.oauth2.login.OidcBackChannelLogoutDsl
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.oauth2.client.oidc.session.InMemoryOidcSessionRegistry import org.springframework.security.oauth2.client.oidc.session.InMemoryOidcSessionRegistry
import org.springframework.security.oauth2.client.oidc.session.OidcSessionRegistry
import org.springframework.security.oauth2.client.registration.ClientRegistration import org.springframework.security.oauth2.client.registration.ClientRegistration
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository

1
config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2LogoutDslTests.kt
View File

@ -40,7 +40,6 @@ import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.MvcResult import org.springframework.test.web.servlet.MvcResult
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders import org.springframework.test.web.servlet.request.MockMvcRequestBuilders
import org.springframework.test.web.servlet.result.MockMvcResultMatchers import org.springframework.test.web.servlet.result.MockMvcResultMatchers
import java.util.*
/** /**
* Tests for [Saml2LogoutDsl] * Tests for [Saml2LogoutDsl]

10
config/src/test/kotlin/org/springframework/security/config/annotation/web/Saml2MetadataDslTests.kt
View File

@ -18,7 +18,6 @@ package org.springframework.security.config.annotation.web
import io.mockk.every import io.mockk.every
import io.mockk.mockk import io.mockk.mockk
import io.mockk.mockkObject
import io.mockk.verify import io.mockk.verify
import org.assertj.core.api.Assertions import org.assertj.core.api.Assertions
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
@ -28,29 +27,20 @@ import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.core.io.ClassPathResource import org.springframework.core.io.ClassPathResource
import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.authentication.ProviderManager
import org.springframework.security.authentication.TestingAuthenticationProvider
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.test.SpringTestContext import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.saml2.core.Saml2X509Credential
import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponse import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponse
import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver
import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository
import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get import org.springframework.test.web.servlet.get
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders
import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
import java.security.cert.Certificate import java.security.cert.Certificate
import java.security.cert.CertificateFactory import java.security.cert.CertificateFactory
import java.util.Base64
/** /**
* Tests for [Saml2Dsl] * Tests for [Saml2Dsl]

4
core/src/main/java/org/springframework/security/authentication/dao/AbstractUserDetailsAuthenticationProvider.java
View File

@ -122,7 +122,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
UsernamePasswordAuthenticationToken authentication) throws AuthenticationException; UsernamePasswordAuthenticationToken authentication) throws AuthenticationException;
@Override @Override
public final void afterPropertiesSet() throws Exception { public final void afterPropertiesSet() {
Assert.notNull(this.userCache, "A user cache must be set"); Assert.notNull(this.userCache, "A user cache must be set");
Assert.notNull(this.messages, "A message source must be set"); Assert.notNull(this.messages, "A message source must be set");
Assert.notNull(this.preAuthenticationChecks, "A pre authentication checks must be set"); Assert.notNull(this.preAuthenticationChecks, "A pre authentication checks must be set");
@ -215,7 +215,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider
return result; return result;
} }
protected void doAfterPropertiesSet() throws Exception { protected void doAfterPropertiesSet() {
} }
public UserCache getUserCache() { public UserCache getUserCache() {

12
docs/src/test/java/org/springframework/security/docs/servlet/configuration/httpsecuritycustomizerbean/HttpSecurityCustomizerBeanConfiguration.java
View File

@ -16,28 +16,16 @@
package org.springframework.security.docs.servlet.configuration.httpsecuritycustomizerbean; package org.springframework.security.docs.servlet.configuration.httpsecuritycustomizerbean;
import org.jetbrains.annotations.NotNull;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.Customizer; import org.springframework.security.config.Customizer;
import org.springframework.security.config.ThrowingCustomizer; import org.springframework.security.config.ThrowingCustomizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.test.SpringTestContext;
import org.springframework.security.config.test.SpringTestContextExtension;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultMatcher;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
/** /**
* *

10
docs/src/test/java/org/springframework/security/docs/servlet/configuration/toplevelcustomizerbean/TopLevelCustomizerBeanConfiguration.java
View File

@ -16,26 +16,16 @@
package org.springframework.security.docs.servlet.configuration.toplevelcustomizerbean; package org.springframework.security.docs.servlet.configuration.toplevelcustomizerbean;
import org.jetbrains.annotations.NotNull;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.Customizer; import org.springframework.security.config.Customizer;
import org.springframework.security.config.ThrowingCustomizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
import org.springframework.security.config.test.SpringTestContext;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.ResultMatcher;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
/** /**
* *

5
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/authentication/obtainingmoreauthorization/MissingAuthorityConfiguration.kt
View File

@ -4,11 +4,7 @@ import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpServletResponse import jakarta.servlet.http.HttpServletResponse
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.authorization.AllAuthoritiesAuthorizationManager.hasAllAuthorities
import org.springframework.security.authorization.AuthorizationDecision
import org.springframework.security.authorization.AuthorizationManager
import org.springframework.security.authorization.AuthorizationManagerFactory import org.springframework.security.authorization.AuthorizationManagerFactory
import org.springframework.security.authorization.AuthorizationManagers.allOf
import org.springframework.security.authorization.DefaultAuthorizationManagerFactory import org.springframework.security.authorization.DefaultAuthorizationManagerFactory
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
@ -21,7 +17,6 @@ import org.springframework.security.oauth2.client.registration.InMemoryClientReg
import org.springframework.security.oauth2.client.registration.TestClientRegistrations import org.springframework.security.oauth2.client.registration.TestClientRegistrations
import org.springframework.security.web.AuthenticationEntryPoint import org.springframework.security.web.AuthenticationEntryPoint
import org.springframework.security.web.DefaultSecurityFilterChain import org.springframework.security.web.DefaultSecurityFilterChain
import org.springframework.security.web.access.intercept.RequestAuthorizationContext
import org.springframework.stereotype.Component import org.springframework.stereotype.Component
@EnableWebSecurity @EnableWebSecurity

1
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/configuration/customizerbeanordering/CustomizerBeanOrderingConfiguration.kt
View File

@ -23,7 +23,6 @@ import org.springframework.security.config.Customizer
import org.springframework.security.config.ThrowingCustomizer import org.springframework.security.config.ThrowingCustomizer
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
import org.springframework.security.config.annotation.web.configurers.HttpsRedirectConfigurer import org.springframework.security.config.annotation.web.configurers.HttpsRedirectConfigurer
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain

4
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/configuration/dslbeanordering/DslBeanOrderingConfiguration.kt
View File

@ -19,15 +19,11 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.core.Ordered import org.springframework.core.Ordered
import org.springframework.core.annotation.Order import org.springframework.core.annotation.Order
import org.springframework.security.config.Customizer
import org.springframework.security.config.ThrowingCustomizer
import org.springframework.security.config.annotation.web.HeadersDsl import org.springframework.security.config.annotation.web.HeadersDsl
import org.springframework.security.config.annotation.web.HttpSecurityDsl import org.springframework.security.config.annotation.web.HttpSecurityDsl
import org.springframework.security.config.annotation.web.HttpsRedirectDsl import org.springframework.security.config.annotation.web.HttpsRedirectDsl
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
import org.springframework.security.config.annotation.web.configurers.HttpsRedirectConfigurer
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain
import org.springframework.web.servlet.config.annotation.EnableWebMvc import org.springframework.web.servlet.config.annotation.EnableWebMvc

1
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/configuration/httpsecuritycustomizerbean/HttpSecurityCustomizerBeanConfiguration.kt
View File

@ -6,7 +6,6 @@ import org.springframework.security.config.Customizer
import org.springframework.security.config.ThrowingCustomizer import org.springframework.security.config.ThrowingCustomizer
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain

8
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/configuration/httpsecuritydslbean/HttpSecurityDslBeanConfiguration.kt
View File

@ -1,20 +1,12 @@
package org.springframework.security.kt.docs.servlet.configuration.httpsecuritydslbean package org.springframework.security.kt.docs.servlet.configuration.httpsecuritydslbean
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.extension.ExtendWith
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.HeadersDsl
import org.springframework.security.config.annotation.web.HttpSecurityDsl import org.springframework.security.config.annotation.web.HttpSecurityDsl
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke
import org.springframework.security.config.test.SpringTestContext
import org.springframework.security.config.test.SpringTestContextExtension
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain
import org.springframework.test.web.servlet.MockMvc
import org.springframework.test.web.servlet.get
import org.springframework.web.servlet.config.annotation.EnableWebMvc import org.springframework.web.servlet.config.annotation.EnableWebMvc

1
docs/src/test/kotlin/org/springframework/security/kt/docs/servlet/configuration/topleveldslbean/TopLevelDslBeanConfiguration.kt
View File

@ -3,7 +3,6 @@ package org.springframework.security.kt.docs.servlet.configuration.topleveldslbe
import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.HeadersDsl import org.springframework.security.config.annotation.web.HeadersDsl
import org.springframework.security.config.annotation.web.HttpSecurityDsl
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.invoke import org.springframework.security.config.annotation.web.invoke