Adapt to Spring Security change

This commit updates `WebFluxSecurityConfiguration` to look for a `WebFilterChainProxy` rather than the default configuration that `@EnableWebFluxSecurity` triggers. The latter is now package private.
7 years ago · e7cb0be6d8
parent a688613fb4
commit e7cb0be6d8
2 changed files with 4 additions and 5 deletions
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/WebFluxSecurityConfiguration.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/reactive/WebFluxSecurityConfiguration.java
@ -20,6 +20,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.web.server.WebFilterChainProxy;

 /**
 * Switches on {@link EnableWebFluxSecurity} for a reactive web application if this
@ -28,8 +29,8 @@ import org.springframework.security.config.annotation.web.reactive.EnableWebFlux
 * @author Madhura Bhave
 * @since 2.0.0
 */
-@ConditionalOnClass(EnableWebFluxSecurity.class)
-@ConditionalOnMissingBean(org.springframework.security.config.annotation.web.reactive.WebFluxSecurityConfiguration.class)
+@ConditionalOnClass({ EnableWebFluxSecurity.class, WebFilterChainProxy.class })
+@ConditionalOnMissingBean(WebFilterChainProxy.class)
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
@EnableWebFluxSecurity
 public class WebFluxSecurityConfiguration {
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/reactive/ReactiveSecurityAutoConfigurationTests.java
@ -29,8 +29,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.server.reactive.HttpHandler;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.config.annotation.web.reactive.ServerHttpSecurityConfiguration;
-import org.springframework.security.config.annotation.web.reactive.WebFluxSecurityConfiguration;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
 import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
@ -58,7 +56,7 @@ public class ReactiveSecurityAutoConfigurationTests {
 				.withConfiguration(
 						AutoConfigurations.of(ReactiveSecurityAutoConfiguration.class))
 				.run((context) -> {
-					assertThat(context).getBean(ServerHttpSecurityConfiguration.class)
+					assertThat(context).getBean(WebFilterChainProxy.class)
 							.isNotNull();
 					assertThat(context).getBean(WebFluxSecurityConfiguration.class)
 							.isNotNull();