Merge branch '2.6.x' into 2.7.x

Closes gh-29565
pull/22885/merge
Phillip Webb 3 years ago
commit bb024211f6

@ -114,6 +114,10 @@ public class ErrorPageSecurityFilter implements Filter {
}
}
@Override
public void destroy() {
}
/**
* {@link WebInvocationPrivilegeEvaluator} that always allows access.
*/

@ -16,7 +16,10 @@
package org.springframework.boot.web.servlet.filter;
import java.lang.reflect.Method;
import javax.servlet.DispatcherType;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.RequestDispatcher;
@ -32,6 +35,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
import org.springframework.util.ReflectionUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.any;
@ -145,4 +149,18 @@ class ErrorPageSecurityFilterTests {
verify(this.privilegeEvaluator).isAllowed(eq("/dispatcher/path/error"), any());
}
@Test
void filterIsCompatibleWithServlet31() {
Method[] methods = Filter.class.getDeclaredMethods();
for (Method method : methods) {
if (method.isDefault()) {
Method securityFilterMethod = ReflectionUtils.findMethod(ErrorPageSecurityFilter.class,
method.getName(), method.getParameterTypes());
assertThat(securityFilterMethod).isNotNull();
assertThat(securityFilterMethod.getDeclaringClass()).as(method.getName())
.isEqualTo(ErrorPageSecurityFilter.class);
}
}
}
}

Loading…
Cancel
Save