From df9cf6b72640ca04eebd545a88bb9022e79ade7c Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Tue, 25 Jan 2022 13:15:59 -0800 Subject: [PATCH] Make ErrorPageSecurityFilter compatible with Servlet 3.1 Ensure that all default methods are implemented so that the filter is compatible with Servlet 3.1 environments. Fixes gh-29558 --- .../filter/ErrorPageSecurityFilter.java | 4 ++++ .../filter/ErrorPageSecurityFilterTests.java | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilter.java b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilter.java index 77caff9889..960504eddf 100644 --- a/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilter.java +++ b/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilter.java @@ -114,6 +114,10 @@ public class ErrorPageSecurityFilter implements Filter { } } + @Override + public void destroy() { + } + /** * {@link WebInvocationPrivilegeEvaluator} that always allows access. */ diff --git a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilterTests.java b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilterTests.java index 8a9da1cff4..41cdbd479b 100644 --- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilterTests.java +++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/filter/ErrorPageSecurityFilterTests.java @@ -16,7 +16,10 @@ package org.springframework.boot.web.servlet.filter; +import java.lang.reflect.Method; + import javax.servlet.DispatcherType; +import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.RequestDispatcher; @@ -32,6 +35,7 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator; +import org.springframework.util.ReflectionUtils; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.ArgumentMatchers.any; @@ -145,4 +149,18 @@ class ErrorPageSecurityFilterTests { verify(this.privilegeEvaluator).isAllowed(eq("/dispatcher/path/error"), any()); } + @Test + void filterIsCompatibleWithServlet31() { + Method[] methods = Filter.class.getDeclaredMethods(); + for (Method method : methods) { + if (method.isDefault()) { + Method securityFilterMethod = ReflectionUtils.findMethod(ErrorPageSecurityFilter.class, + method.getName(), method.getParameterTypes()); + assertThat(securityFilterMethod).isNotNull(); + assertThat(securityFilterMethod.getDeclaringClass()).as(method.getName()) + .isEqualTo(ErrorPageSecurityFilter.class); + } + } + } + }