Skip to content

@Bean SecurityFilterChain is not working in tomcat with xml security configuration files. #10542

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
fr2lancer opened this issue Nov 23, 2021 · 5 comments
Closed

@Bean SecurityFilterChain is not working in tomcat with xml security configuration files. #10542

fr2lancer opened this issue Nov 23, 2021 · 5 comments
Labels
type: enhancement A general enhancement

Comments

@fr2lancer
Copy link

fr2lancer commented Nov 23, 2021
edited
Loading

Environment :

Spring 5.3.12
Spring Security 5.6.0
Tomcat 9.0

Expected Behavior

@Bean
SecurityFilterChain filterChain(HttpSecurity http) {} should load the config as same as when using WebSecurityConfigurerAdapter with  xml security configuration files.

Current Behavior

@Bean
SecurityFilterChain filterChain(HttpSecurity http) {} is working fine with WebTestClient.

However if I run the application under tomcat after creating war, it seems only applies xml configurations not in the java configuration.

Using WebSecurityConfigurerAdapter with xml security configuration files, it works fine.
However it is not working with @bean SecurityFilterChain + xml security configuration files.

#10003
#9451
#8821
@fr2lancer fr2lancer added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Nov 23, 2021
@marcusdacoregio
Copy link
Contributor

Hi @fr2lancer. I'm not so sure if I follow.

Do you mean that when defining a SecurityFilterChain bean, the default configuration is not created?
Or do you have a specific configuration inside your bean definition that is not loading?

@fr2lancer
Copy link
Author

fr2lancer commented Nov 25, 2021
edited
Loading

Hi

To simplify this,

Xml security configuration files with

@EnableWebSecurity
public class Module2SecurityFilterChain

@Bean
SecurityFilterChain filterChain(HttpSecurity http) {
 //content
}

-> //content is not applied.

Previous behaviors was

Xml security configuration files with

@EnableWebSecurity
public class Module2SecurityFilterChain extends WebSecurityConfigurerAdapter {
 @Override
void configure(HttpSecurity http)
 //content
}

-> //content is applied.

@marcusdacoregio
Copy link
Contributor

Can you provide a minimal, reproducible sample, so we can troubleshoot what is happening more precisely?

@marcusdacoregio marcusdacoregio added the status: waiting-for-feedback We need additional information before we can continue label Nov 29, 2021
@jgrandja jgrandja removed the status: waiting-for-triage An issue we've not yet triaged label Nov 29, 2021
@spring-projects-issues
Copy link

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

@spring-projects-issues spring-projects-issues added the status: feedback-reminder We've sent a reminder that we need additional information before we can continue label Dec 6, 2021
@spring-projects-issues
Copy link

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.

@spring-projects-issues spring-projects-issues removed status: waiting-for-feedback We need additional information before we can continue status: feedback-reminder We've sent a reminder that we need additional information before we can continue labels Dec 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fr2lancer @jgrandja @marcusdacoregio @spring-projects-issues