Upgrade to Spring Security 3.2.1

Fixes gh-392
pull/408/head
Phillip Webb 11 years ago
parent 2669d81433
commit 083cb388c0

@ -22,7 +22,6 @@ import java.util.List;
import java.util.Set; import java.util.Set;
import javax.annotation.PostConstruct; import javax.annotation.PostConstruct;
import javax.servlet.Filter;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.endpoint.Endpoint; import org.springframework.boot.actuate.endpoint.Endpoint;
@ -45,7 +44,7 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered; import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurer; import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer; import org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer;
@ -77,7 +76,7 @@ public class ManagementSecurityAutoConfiguration {
@Bean @Bean
@ConditionalOnMissingBean({ IgnoredPathsWebSecurityConfigurerAdapter.class }) @ConditionalOnMissingBean({ IgnoredPathsWebSecurityConfigurerAdapter.class })
public SecurityConfigurer<Filter, WebSecurity> ignoredPathsWebSecurityConfigurerAdapter() { public WebSecurityConfigurer<WebSecurity> ignoredPathsWebSecurityConfigurerAdapter() {
return new IgnoredPathsWebSecurityConfigurerAdapter(); return new IgnoredPathsWebSecurityConfigurerAdapter();
} }
@ -104,7 +103,7 @@ public class ManagementSecurityAutoConfiguration {
// Get the ignored paths in early // Get the ignored paths in early
@Order(Ordered.HIGHEST_PRECEDENCE + 1) @Order(Ordered.HIGHEST_PRECEDENCE + 1)
private static class IgnoredPathsWebSecurityConfigurerAdapter implements private static class IgnoredPathsWebSecurityConfigurerAdapter implements
SecurityConfigurer<Filter, WebSecurity> { WebSecurityConfigurer<WebSecurity> {
@Autowired(required = false) @Autowired(required = false)
private ErrorController errorController; private ErrorController errorController;

@ -20,8 +20,6 @@ import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import javax.servlet.Filter;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
@ -39,7 +37,7 @@ import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher; import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.SecurityConfigurer; import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer; import org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer;
@ -98,7 +96,7 @@ public class SpringBootWebSecurityConfiguration {
@Bean @Bean
@ConditionalOnMissingBean({ IgnoredPathsWebSecurityConfigurerAdapter.class }) @ConditionalOnMissingBean({ IgnoredPathsWebSecurityConfigurerAdapter.class })
public SecurityConfigurer<Filter, WebSecurity> ignoredPathsWebSecurityConfigurerAdapter() { public WebSecurityConfigurer<WebSecurity> ignoredPathsWebSecurityConfigurerAdapter() {
return new IgnoredPathsWebSecurityConfigurerAdapter(); return new IgnoredPathsWebSecurityConfigurerAdapter();
} }
@ -138,7 +136,7 @@ public class SpringBootWebSecurityConfiguration {
// Get the ignored paths in early // Get the ignored paths in early
@Order(Ordered.HIGHEST_PRECEDENCE) @Order(Ordered.HIGHEST_PRECEDENCE)
private static class IgnoredPathsWebSecurityConfigurerAdapter implements private static class IgnoredPathsWebSecurityConfigurerAdapter implements
SecurityConfigurer<Filter, WebSecurity> { WebSecurityConfigurer<WebSecurity> {
@Autowired @Autowired
private SecurityProperties security; private SecurityProperties security;

@ -16,6 +16,8 @@
package org.springframework.boot.autoconfigure.security; package org.springframework.boot.autoconfigure.security;
import java.util.List;
import org.junit.Test; import org.junit.Test;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.PropertyPlaceholderAutoConfiguration; import org.springframework.boot.autoconfigure.PropertyPlaceholderAutoConfiguration;
@ -37,6 +39,7 @@ import org.springframework.security.config.annotation.authentication.builders.Au
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
@ -60,8 +63,9 @@ public class SecurityAutoConfigurationTests {
debugRefresh(this.context); debugRefresh(this.context);
assertNotNull(this.context.getBean(AuthenticationManagerBuilder.class)); assertNotNull(this.context.getBean(AuthenticationManagerBuilder.class));
// 4 for static resources and one for the rest // 4 for static resources and one for the rest
assertEquals(5, this.context.getBean(FilterChainProxy.class).getFilterChains() List<SecurityFilterChain> filterChains = this.context.getBean(
.size()); FilterChainProxy.class).getFilterChains();
assertEquals(5, filterChains.size());
} }
@Test @Test

@ -50,7 +50,7 @@
<spring-data-redis.version>1.1.1.RELEASE</spring-data-redis.version> <spring-data-redis.version>1.1.1.RELEASE</spring-data-redis.version>
<spring-rabbit.version>1.2.1.RELEASE</spring-rabbit.version> <spring-rabbit.version>1.2.1.RELEASE</spring-rabbit.version>
<spring-mobile.version>1.1.1.RELEASE</spring-mobile.version> <spring-mobile.version>1.1.1.RELEASE</spring-mobile.version>
<spring-security.version>3.2.0.RELEASE</spring-security.version> <spring-security.version>3.2.1.RELEASE</spring-security.version>
<thymeleaf.version>2.1.2.RELEASE</thymeleaf.version> <thymeleaf.version>2.1.2.RELEASE</thymeleaf.version>
<thymeleaf-extras-springsecurity3.version>2.1.1.RELEASE</thymeleaf-extras-springsecurity3.version> <thymeleaf-extras-springsecurity3.version>2.1.1.RELEASE</thymeleaf-extras-springsecurity3.version>
<thymeleaf-layout-dialect.version>1.2.2</thymeleaf-layout-dialect.version> <thymeleaf-layout-dialect.version>1.2.2</thymeleaf-layout-dialect.version>

Loading…
Cancel
Save