diff --git a/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java b/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java index 21f03b5d56f..ee5ba929f7e 100644 --- a/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java +++ b/core/src/main/java/org/springframework/security/jackson2/SecurityJackson2Modules.java @@ -57,6 +57,7 @@ * mapper.registerModule(new CoreJackson2Module()); * mapper.registerModule(new CasJackson2Module()); * mapper.registerModule(new WebJackson2Module()); + * mapper.registerModule(new WebServletJackson2Module()); * * * @author Jitendra Singh. @@ -70,6 +71,8 @@ public final class SecurityJackson2Modules { "org.springframework.security.cas.jackson2.CasJackson2Module", "org.springframework.security.web.jackson2.WebJackson2Module" ); + private static final String webServletJackson2ModuleClass = + "org.springframework.security.web.jackson2.WebServletJackson2Module"; private SecurityJackson2Modules() { } @@ -109,14 +112,26 @@ private static Module loadAndGetInstance(String className, ClassLoader loader) { public static List getModules(ClassLoader loader) { List modules = new ArrayList<>(); for (String className : securityJackson2ModuleClasses) { - Module module = loadAndGetInstance(className, loader); - if (module != null) { - modules.add(module); - } + addToModulesList(loader, modules, className); + } + if (ClassUtils.isPresent("javax.servlet.http.Cookie", loader)) { + addToModulesList(loader, modules, webServletJackson2ModuleClass); } return modules; } + /** + * @param loader the ClassLoader to use + * @param modules list of the modules to add + * @param className name of the class to instantiate + */ + private static void addToModulesList(ClassLoader loader, List modules, String className) { + Module module = loadAndGetInstance(className, loader); + if (module != null) { + modules.add(module); + } + } + /** * Creates a TypeResolverBuilder that performs whitelisting. * @return a TypeResolverBuilder that performs whitelisting. diff --git a/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java b/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java index 545c230e0a5..24e9e7b15a9 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/CookieMixin.java @@ -25,11 +25,11 @@ * *
  *     ObjectMapper mapper = new ObjectMapper();
- *     mapper.registerModule(new WebJackson2Module());
+ *     mapper.registerModule(new WebServletJackson2Module());
  * 
* * @author Jitendra Singh - * @see WebJackson2Module + * @see WebServletJackson2Module * @see org.springframework.security.jackson2.SecurityJackson2Modules * @since 4.2 */ diff --git a/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java b/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java index 7b1ffbf78a5..2faef88309c 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixin.java @@ -29,11 +29,11 @@ *

*

  *     ObjectMapper mapper = new ObjectMapper();
- *     mapper.registerModule(new WebJackson2Module());
+ *     mapper.registerModule(new WebServletJackson2Module());
  * 
* * @author Jitendra Singh - * @see WebJackson2Module + * @see WebServletJackson2Module * @see org.springframework.security.jackson2.SecurityJackson2Modules * @since 4.2 */ diff --git a/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java b/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java index f8fbabec78a..3c6d53e5ae5 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/SavedCookieMixin.java @@ -24,11 +24,11 @@ * *
  * 		ObjectMapper mapper = new ObjectMapper();
- *		mapper.registerModule(new WebJackson2Module());
+ *		mapper.registerModule(new WebServletJackson2Module());
  * 
* * @author Jitendra Singh. - * @see WebJackson2Module + * @see WebServletJackson2Module * @see org.springframework.security.jackson2.SecurityJackson2Modules * @since 4.2 */ diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java b/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java index ebccab34f4d..a26713c01d9 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/WebAuthenticationDetailsMixin.java @@ -23,11 +23,11 @@ * *
  * 	ObjectMapper mapper = new ObjectMapper();
- *	mapper.registerModule(new WebJackson2Module());
+ *	mapper.registerModule(new WebServletJackson2Module());
  * 
* * @author Jitendra Singh - * @see WebJackson2Module + * @see WebServletJackson2Module * @see org.springframework.security.jackson2.SecurityJackson2Modules * @since 4.2 */ diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java index de9adaf2079..57bab689930 100644 --- a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java +++ b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java @@ -16,23 +16,17 @@ package org.springframework.security.web.jackson2; -import javax.servlet.http.Cookie; - import org.springframework.security.jackson2.SecurityJackson2Modules; -import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; import org.springframework.security.web.csrf.DefaultCsrfToken; -import org.springframework.security.web.savedrequest.DefaultSavedRequest; -import org.springframework.security.web.savedrequest.SavedCookie; import com.fasterxml.jackson.core.Version; -import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.module.SimpleModule; /** - * Jackson module for spring-security-web. This module register {@link CookieMixin}, - * {@link DefaultCsrfTokenMixin}, {@link DefaultSavedRequestMixin} and {@link WebAuthenticationDetailsMixin}. If no - * default typing enabled by default then it'll enable it because typing info is needed to properly serialize/deserialize objects. + * Jackson module for spring-security-web. This module register {@link DefaultCsrfTokenMixin} and + * {@link PreAuthenticatedAuthenticationTokenMixin}. If no default typing enabled by default then it'll enable + * it because typing info is needed to properly serialize/deserialize objects. * In order to use this module just add this module into your ObjectMapper configuration. * *
@@ -53,12 +47,8 @@ public WebJackson2Module() {
 
 	@Override
 	public void setupModule(SetupContext context) {
-		SecurityJackson2Modules.enableDefaultTyping((ObjectMapper) context.getOwner());
-		context.setMixInAnnotations(Cookie.class, CookieMixin.class);
-		context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class);
+		SecurityJackson2Modules.enableDefaultTyping(context.getOwner());
 		context.setMixInAnnotations(DefaultCsrfToken.class, DefaultCsrfTokenMixin.class);
-		context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class);
-		context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class);
 		context.setMixInAnnotations(PreAuthenticatedAuthenticationToken.class, PreAuthenticatedAuthenticationTokenMixin.class);
 	}
 }
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
new file mode 100644
index 00000000000..db9bb7cd86e
--- /dev/null
+++ b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2015-2016 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.web.jackson2;
+
+import javax.servlet.http.Cookie;
+
+import org.springframework.security.jackson2.SecurityJackson2Modules;
+import org.springframework.security.web.authentication.WebAuthenticationDetails;
+import org.springframework.security.web.savedrequest.DefaultSavedRequest;
+import org.springframework.security.web.savedrequest.SavedCookie;
+
+import com.fasterxml.jackson.core.Version;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+
+/**
+ * Jackson module for spring-security-web related to servlet. This module register {@link CookieMixin},
+ * {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin} and {@link WebAuthenticationDetailsMixin}. If no
+ * default typing enabled by default then it'll enable it because typing info is needed to properly serialize/deserialize objects.
+ * In order to use this module just add this module into your ObjectMapper configuration.
+ *
+ * 
+ *     ObjectMapper mapper = new ObjectMapper();
+ *     mapper.registerModule(new WebServletJackson2Module());
+ * 
+ * Note: use {@link SecurityJackson2Modules#getModules(ClassLoader)} to get list of all security modules. + * + * @author Boris Finkelshteyn + * @see SecurityJackson2Modules + * @since 5.1 + */ +public class WebServletJackson2Module extends SimpleModule { + + public WebServletJackson2Module() { + super(WebJackson2Module.class.getName(), new Version(1, 0, 0, null, null, null)); + } + + @Override + public void setupModule(SetupContext context) { + SecurityJackson2Modules.enableDefaultTyping(context.getOwner()); + context.setMixInAnnotations(Cookie.class, CookieMixin.class); + context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class); + context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class); + context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class); + } +}