Change EnableReactiveMethodSecurity Defaults

jzheaux · jzheaux · commit 5b6b3d585fdc · 2023-01-10T08:30:52.000-07:00
Closes gh-12506
diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -73,6 +73,6 @@
 	 * used.
 	 * @since 5.8
 	 */
-	boolean useAuthorizationManager() default false;
+	boolean useAuthorizationManager() default true;
 
 }
diff --git a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -78,8 +78,7 @@ public void notPublisherPreAuthorizeFindByIdThenThrowsIllegalStateException() {
 				.withMessage("The returnType class java.lang.String on public abstract java.lang.String "
 						+ "org.springframework.security.config.annotation.method.configuration.ReactiveMessageService"
 						+ ".notPublisherPreAuthorizeFindById(long) must return an instance of org.reactivestreams"
-						+ ".Publisher (i.e. Mono / Flux) or the function must be a Kotlin coroutine "
-						+ "function in order to support Reactor Context");
+						+ ".Publisher (for example, a Mono or Flux) in order to support Reactor Context");
 	}
 
 	@Test
diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/method/configuration/KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -38,7 +38,8 @@ import org.springframework.test.context.junit.jupiter.SpringExtension
 
 @ExtendWith(SpringExtension::class)
 @ContextConfiguration
-class KotlinEnableReactiveMethodSecurityTests {
+// no authorization manager due to https://github.com/spring-projects/spring-security/issues/12080
+class KotlinEnableReactiveMethodSecurityNoAuthorizationManagerTests {
 
     private lateinit var delegate: KotlinReactiveMessageService
 
@@ -211,7 +212,7 @@ class KotlinEnableReactiveMethodSecurityTests {
     }
 
     @Configuration
-    @EnableReactiveMethodSecurity
+    @EnableReactiveMethodSecurity(useAuthorizationManager = false)
     open class Config {
         var delegate = mockk<KotlinReactiveMessageService>()
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`/*`
`2`		`- * Copyright 2002-2017 the original author or authors.`
	`2`	`+ * Copyright 2002-2023 the original author or authors.`
`3`	`3`	`*`
`4`	`4`	`* Licensed under the Apache License, Version 2.0 (the "License");`
`5`	`5`	`* you may not use this file except in compliance with the License.`
`@@ -73,6 +73,6 @@`
`73`	`73`	`* used.`
`74`	`74`	`* @since 5.8`
`75`	`75`	`*/`
`76`		`- boolean useAuthorizationManager() default false;`
	`76`	`+ boolean useAuthorizationManager() default true;`
`77`	`77`
`78`	`78`	`}`