Only configure remove devtools security if Spring Security is enabled

Previously, RemoteDevToolsAutoConfiguration would try to configure
Spring Security if it was on the classpath. This led to a failure if
Spring Security was on the classpath but its auto-configuration was
disabled.

This commit updates the auto-configuration to be conditional on the
presence of Spring Security’s ObjectPostProcessor bean.

See gh-3889
pull/3741/merge
Andy Wilkinson 9 years ago
parent e2862390ee
commit efee06fd9b

@ -25,6 +25,7 @@ import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ -50,6 +51,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@ -158,6 +160,7 @@ public class RemoteDevToolsAutoConfiguration {
@Configuration
@ConditionalOnClass(WebSecurityConfigurerAdapter.class)
@ConditionalOnBean(ObjectPostProcessor.class)
static class RemoteDevToolsSecurityConfiguration {
@Bean

Loading…
Cancel
Save