Skip to content

Prepare Request Matching for Spring Framework Changes #16417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
3 tasks done
jzheaux opened this issue Jan 14, 2025 · 5 comments
Closed
3 tasks done

Prepare Request Matching for Spring Framework Changes #16417

jzheaux opened this issue Jan 14, 2025 · 5 comments
Assignees
@jzheaux
Labels
in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
Milestone
6.5.0-RC1

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jan 14, 2025
edited
Loading

In future versions of Spring Security, we should move away from PathMatcher (used by AntPathRequestMatcher) and HandlerMappingIntrospector (used by MvcRequestMatcher) as they are deprecated Spring Framework 7.0 M1.

This will also assist with efforts to simplify construction of path-based RequestMatchers.

  • Migrate CasAuthenticationFilter from AntPathRequestMatcher
  • Migrate SwitchUserFilter from AntPathRequestMatcher
  • Migrate OAuth2LoginBeanDefinitionParser from AntPathRequestMatcher
@jzheaux jzheaux added in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement labels Jan 14, 2025
@jzheaux jzheaux added this to the 6.5.x milestone Jan 14, 2025
@jzheaux jzheaux self-assigned this Jan 14, 2025
@evgeniycheban
Copy link
Contributor

Hi, @jzheaux, can I work on this? I'd want to start with adding PathPatternRequestMatcher along with tests.

@jzheaux
Copy link
Contributor Author

jzheaux commented Jan 15, 2025
edited
Loading

Hi, @evgeniycheban, thanks for volunteering! Some of this is already addressed in a draft PR, so allow me to clean that up first so it's clear what work remains. I'll report back here when that's ready, and then we can divvy out the remaining work.

@jzheaux
Copy link
Contributor Author

jzheaux commented Feb 3, 2025

@evgeniycheban, if you don't mind following the draft PR while I'm gathering feedback for it, #16500 and #16501 are ready to begin work on.

@evgeniycheban
Copy link
Contributor

@jzheaux sure, please assign #16501 to me.

@rstoyanchev rstoyanchev mentioned this issue Feb 7, 2025
Closed
@rwinch rwinch mentioned this issue Feb 7, 2025
Closed
jzheaux added a commit that referenced this issue Mar 26, 2025
@jzheaux
Polish SwitchUserFilterTests
1eec51a 
Ensure that the appropriate HTTP Method is specified in tests

Issue gh-16417
jzheaux added a commit that referenced this issue Mar 26, 2025
@jzheaux
Add RequestMatcher MigrationPath for SwitchUserFilter
15d9c13 
To simplify migration, the filter's setter methods still use AntPathRequestMatcher.
Users can call the equivalent RequestMatcher setter methods to opt-in to the change early.

Issue gh-16417
jzheaux added a commit that referenced this issue Mar 26, 2025
@jzheaux
Add RequestMatcher Migration Path for CAS
91ee5e7 
Issue gh-16417
jzheaux added a commit that referenced this issue Mar 26, 2025
@jzheaux
Add RequestMatcher Migration Path for AbstractAuthenticationProcessin…
9934553 
…gFilter

Issue gh-16417
@jzheaux jzheaux modified the milestones: 6.5.x, 6.5.0-RC1 Apr 7, 2025
@jzheaux
Copy link
Contributor Author

jzheaux commented Apr 7, 2025

Thanks again, @evgeniycheban and @pat-mccusker for your contributions! We should now be ready when Spring Framework removes HandlerMappingIntrospector.

@jzheaux jzheaux closed this as completed Apr 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
Projects
None yet
Milestone
6.5.0-RC1
Development

No branches or pull requests
2 participants
@jzheaux @evgeniycheban