Switch from thymeleaf-extras-springsecurity4 to extras-springsecurity5

Closes gh-14806

spring-boot-project/spring-boot-autoconfigure/pom.xml

@@ -655,7 +655,7 @@
 		</dependency>
 		<dependency>
 			<groupId>org.thymeleaf.extras</groupId>
-			<artifactId>thymeleaf-extras-springsecurity4</artifactId>
+			<artifactId>thymeleaf-extras-springsecurity5</artifactId>
 			<optional>true</optional>
 		</dependency>
 		<dependency>

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/thymeleaf/ThymeleafAutoConfiguration.java

@@ -28,7 +28,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.thymeleaf.dialect.IDialect;
 import org.thymeleaf.extras.java8time.dialect.Java8TimeDialect;
-import org.thymeleaf.extras.springsecurity4.dialect.SpringSecurityDialect;
+import org.thymeleaf.extras.springsecurity5.dialect.SpringSecurityDialect;
 import org.thymeleaf.spring5.ISpringWebFluxTemplateEngine;
 import org.thymeleaf.spring5.SpringTemplateEngine;
 import org.thymeleaf.spring5.SpringWebFluxTemplateEngine;

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/thymeleaf/ThymeleafReactiveAutoConfigurationTests.java

@@ -27,8 +27,11 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.thymeleaf.TemplateEngine;
 import org.thymeleaf.context.Context;
+import org.thymeleaf.context.IContext;
+import org.thymeleaf.extras.springsecurity5.util.SpringSecurityContextUtils;
 import org.thymeleaf.spring5.ISpringWebFluxTemplateEngine;
 import org.thymeleaf.spring5.SpringWebFluxTemplateEngine;
+import org.thymeleaf.spring5.context.webflux.SpringWebFluxContext;
 import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
 import org.thymeleaf.spring5.view.reactive.ThymeleafReactiveViewResolver;
 import org.thymeleaf.templateresolver.ITemplateResolver;
@@ -42,6 +45,10 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.MediaType;
+import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
+import org.springframework.mock.web.server.MockServerWebExchange;
+import org.springframework.security.authentication.TestingAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.test.util.ReflectionTestUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -190,6 +197,22 @@ public class ThymeleafReactiveAutoConfigurationTests {
 		assertThat(result).isEqualTo("<html><body>2015-11-24</body></html>");
 	}
 
+	@Test
+	public void useSecurityDialect() {
+		load(BaseConfiguration.class);
+		ISpringWebFluxTemplateEngine engine = this.context
+				.getBean(ISpringWebFluxTemplateEngine.class);
+		MockServerWebExchange exchange = MockServerWebExchange
+				.from(MockServerHttpRequest.get("/test").build());
+		exchange.getAttributes().put(
+				SpringSecurityContextUtils.SECURITY_CONTEXT_MODEL_ATTRIBUTE_NAME,
+				new SecurityContextImpl(
+						new TestingAuthenticationToken("alice", "admin")));
+		IContext attrs = new SpringWebFluxContext(exchange);
+		String result = engine.process("security-dialect", attrs);
+		assertThat(result).isEqualTo("<html><body><div>alice</div></body></html>\n");
+	}
+
 	@Test
 	public void renderTemplate() {
 		load(BaseConfiguration.class);

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/thymeleaf/ThymeleafServletAutoConfigurationTests.java

@@ -30,6 +30,7 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.thymeleaf.TemplateEngine;
 import org.thymeleaf.context.Context;
+import org.thymeleaf.context.WebContext;
 import org.thymeleaf.spring5.SpringTemplateEngine;
 import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
 import org.thymeleaf.spring5.view.ThymeleafView;
@@ -48,6 +49,9 @@ import org.springframework.context.annotation.Import;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.mock.web.MockServletContext;
+import org.springframework.security.authentication.TestingAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContextImpl;
 import org.springframework.test.util.ReflectionTestUtils;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
 import org.springframework.web.servlet.ViewResolver;
@@ -183,6 +187,23 @@ public class ThymeleafServletAutoConfigurationTests {
 		assertThat(result).isEqualTo("<html><body>2015-11-24</body></html>");
 	}
 
+	@Test
+	public void useSecurityDialect() {
+		load(BaseConfiguration.class);
+		TemplateEngine engine = this.context.getBean(TemplateEngine.class);
+		WebContext attrs = new WebContext(new MockHttpServletRequest(),
+				new MockHttpServletResponse(), new MockServletContext());
+		try {
+			SecurityContextHolder.setContext(new SecurityContextImpl(
+					new TestingAuthenticationToken("alice", "admin")));
+			String result = engine.process("security-dialect", attrs);
+			assertThat(result).isEqualTo("<html><body><div>alice</div></body></html>\n");
+		}
+		finally {
+			SecurityContextHolder.clearContext();
+		}
+	}
+
 	@Test
 	public void renderTemplate() {
 		load(BaseConfiguration.class);

spring-boot-project/spring-boot-autoconfigure/src/test/resources/templates/security-dialect.html

@@ -0,0 +1 @@
+<html><body><div sec:authentication="name"></div></body></html>

spring-boot-project/spring-boot-dependencies/pom.xml

@@ -182,7 +182,7 @@
 		<sun-mail.version>${javax-mail.version}</sun-mail.version>
 		<saaj-impl.version>1.5.0</saaj-impl.version>
 		<thymeleaf.version>3.0.10.RELEASE</thymeleaf.version>
-		<thymeleaf-extras-springsecurity4.version>3.0.2.RELEASE</thymeleaf-extras-springsecurity4.version>
+		<thymeleaf-extras-springsecurity5.version>3.0.3.RELEASE</thymeleaf-extras-springsecurity5.version>
 		<thymeleaf-layout-dialect.version>2.3.0</thymeleaf-layout-dialect.version>
 		<thymeleaf-extras-data-attribute.version>2.0.1</thymeleaf-extras-data-attribute.version>
 		<thymeleaf-extras-java8time.version>3.0.1.RELEASE</thymeleaf-extras-java8time.version>
@@ -2937,8 +2937,8 @@
 			</dependency>
 			<dependency>
 				<groupId>org.thymeleaf.extras</groupId>
-				<artifactId>thymeleaf-extras-springsecurity4</artifactId>
-				<version>${thymeleaf-extras-springsecurity4.version}</version>
+				<artifactId>thymeleaf-extras-springsecurity5</artifactId>
+				<version>${thymeleaf-extras-springsecurity5.version}</version>
 			</dependency>
 			<dependency>
 				<groupId>org.webjars</groupId>

spring-boot-project/spring-boot-docs/pom.xml

@@ -904,7 +904,7 @@
 		</dependency>
 		<dependency>
 			<groupId>org.thymeleaf.extras</groupId>
-			<artifactId>thymeleaf-extras-springsecurity4</artifactId>
+			<artifactId>thymeleaf-extras-springsecurity5</artifactId>
 			<optional>true</optional>
 		</dependency>
 		<dependency>