Add noformat blocks around http config

Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.

Issue gh-8945

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java

@@ -357,18 +357,18 @@ public abstract class WebSecurityConfigurerAdapter implements
 	 * @param http the {@link HttpSecurity} to modify
 	 * @throws Exception if an error occurs
 	 */
-	// @formatter:off
 	protected void configure(HttpSecurity http) throws Exception {
 		logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
 
+		// @formatter:off
 		http
 			.authorizeRequests()
 				.anyRequest().authenticated()
 				.and()
 			.formLogin().and()
 			.httpBasic();
+		// @formatter:on
 	}
-	// @formatter:on
 
 	/**
 	 * Gets the ApplicationContext

config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java

@@ -169,17 +169,17 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>> extends
 		return this;
 	}
 
-	// @formatter:off
 	@Override
 	public void init(H http) {
 		PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider();
 		authenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http));
 
+		// @formatter:off
 		http
 			.authenticationProvider(authenticationProvider)
 			.setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
+		// @formatter:on
 	}
-	// @formatter:on
 
 	@Override
 	public void configure(H http) {

config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java

@@ -96,16 +96,20 @@ class WebFluxSecurityConfiguration {
 	 * @return
 	 */
 	private SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+		// @formatter:off
 		http
 			.authorizeExchange()
 				.anyExchange().authenticated();
+		// @formatter:on
 
 		if (isOAuth2Present && OAuth2ClasspathGuard.shouldConfigure(this.context)) {
 			OAuth2ClasspathGuard.configure(this.context, http);
 		} else {
+			// @formatter:off
 			http
 				.httpBasic().and()
 				.formLogin();
+			// @formatter:on
 		}
 
 		SecurityWebFilterChain result = http.build();
@@ -114,9 +118,11 @@ class WebFluxSecurityConfiguration {
 
 	private static class OAuth2ClasspathGuard {
 		static void configure(ApplicationContext context, ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.oauth2Login().and()
 				.oauth2Client();
+			// @formatter:on
 		}
 
 		static boolean shouldConfigure(ApplicationContext context) {

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -1812,6 +1812,7 @@ public class ServerHttpSecurity {
 
 		private void registerDefaultCsrfOverride(ServerHttpSecurity http) {
 			if ( http.csrf != null && !http.csrf.specifiedRequireCsrfProtectionMatcher ) {
+				// @formatter:off
 				http
 					.csrf()
 					.requireCsrfProtectionMatcher(
@@ -1819,6 +1820,7 @@ public class ServerHttpSecurity {
 									CsrfWebFilter.DEFAULT_CSRF_MATCHER,
 									new NegatedServerWebExchangeMatcher(
 											this.authenticationConverterServerWebExchangeMatcher)));
+				// @formatter:on
 			}
 		}
 
@@ -1920,8 +1922,10 @@ public class ServerHttpSecurity {
 				AuthenticationWebFilter oauth2 = new BearerTokenAuthenticationWebFilter(authenticationManager);
 				oauth2.setServerAuthenticationConverter(bearerTokenConverter);
 				oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint));
+				// @formatter:off
 				http
 					.addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION);
+				// @formatter:on
 			}
 
 			protected ReactiveJwtDecoder getJwtDecoder() {

config/src/test/java/org/springframework/security/config/annotation/issue50/SecurityConfig.java

@@ -45,22 +45,22 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	@Autowired
 	private UserRepository myUserRepository;
 
-	// @formatter:off
 	@Override
 	protected void configure(AuthenticationManagerBuilder auth) {
+		// @formatter:off
 		auth
 			.authenticationProvider(authenticationProvider());
+		// @formatter:on
 	}
-	// @formatter:on
 
-	// @formatter:off
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
+		// @formatter:off
 		http
 			.authorizeRequests()
 				.antMatchers("/*").permitAll();
+		// @formatter:on
 	}
-	// @formatter:on
 
 	@Bean
 	@Override

config/src/test/java/org/springframework/security/config/annotation/sec2758/Sec2758Tests.java

@@ -96,9 +96,11 @@ public class Sec2758Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().access("hasAnyRole('CUSTOM')");
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryAnyMatcherTests.java

@@ -35,10 +35,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
 	@EnableWebSecurity
 	static class AntMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 				.anyRequest().authenticated()
 				.antMatchers("/demo/**").permitAll();
+			// @formatter:on
 
 		}
 	}
@@ -51,10 +53,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
 	@EnableWebSecurity
 	static class MvcMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 				.anyRequest().authenticated()
 				.mvcMatchers("/demo/**").permitAll();
+			// @formatter:on
 
 		}
 	}
@@ -67,10 +71,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
 	@EnableWebSecurity
 	static class RegexMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 				.anyRequest().authenticated()
 				.regexMatchers(".*").permitAll();
+			// @formatter:on
 
 		}
 	}
@@ -83,10 +89,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
 	@EnableWebSecurity
 	static class AnyRequestAfterItselfConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 				.anyRequest().authenticated()
 				.anyRequest().permitAll();
+			// @formatter:on
 
 		}
 	}
@@ -99,10 +107,12 @@ public class AbstractRequestMatcherRegistryAnyMatcherTests{
 	@EnableWebSecurity
 	static class RequestMatchersAfterAnyRequestConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 				.anyRequest().authenticated()
 				.requestMatchers(new AntPathRequestMatcher("/**")).permitAll();
+			// @formatter:on
 
 		}
 	}

config/src/test/java/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.java

@@ -218,6 +218,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/signup", "/about").permitAll()
@@ -227,6 +228,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 					.loginPage("/login")
 						// set permitAll for all URLs associated with Form Login
 						.permitAll();
+			// @formatter:on
 		}
 
 		@Override
@@ -354,6 +356,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 		@Order(1)
 		public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/api/**")
 						.authorizeRequests()
@@ -361,6 +364,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 							.antMatchers("/api/**").hasRole("USER")
 							.and()
 						.httpBasic();
+				// @formatter:on
 			}
 		}
 
@@ -375,6 +379,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.authorizeRequests()
 						.antMatchers("/signup", "/about").permitAll()
@@ -383,6 +388,7 @@ public class SampleWebSecurityConfigurerAdapterTests {
 					.formLogin()
 						.loginPage("/login")
 							.permitAll();
+				// @formatter:on
 			}
 		}
 	}

config/src/test/java/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.java

@@ -68,8 +68,10 @@ public class HttpConfigurationTests {
 	static class UnregisteredFilterConfig extends WebSecurityConfigurerAdapter {
 
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.addFilter(new UnregisteredFilter());
+			// @formatter:on
 		}
 
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {
@@ -105,8 +107,10 @@ public class HttpConfigurationTests {
 		static CasAuthenticationFilter CAS_AUTHENTICATION_FILTER;
 
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.addFilter(CAS_AUTHENTICATION_FILTER);
+			// @formatter:on
 		}
 	}
 
@@ -124,6 +128,7 @@ public class HttpConfigurationTests {
 	static class RequestMatcherRegistryConfigs extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.requestMatchers()
 					.antMatchers("/api/**")
@@ -133,6 +138,7 @@ public class HttpConfigurationTests {
 					.antMatchers("/**").hasRole("USER")
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 	}
 }

config/src/test/java/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.java

@@ -94,10 +94,12 @@ public class NamespaceHttpTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().permitAll()
 				.accessDecisionManager(ACCESS_DECISION_MANAGER);
+			// @formatter:on
 		}
 	}
 
@@ -114,6 +116,7 @@ public class NamespaceHttpTests {
 	static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin").hasRole("ADMIN")
@@ -121,6 +124,7 @@ public class NamespaceHttpTests {
 					.and()
 				.exceptionHandling()
 					.accessDeniedPage("/AccessDeniedPage");
+			// @formatter:on
 		}
 	}
 
@@ -145,11 +149,13 @@ public class NamespaceHttpTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -168,12 +174,14 @@ public class NamespaceHttpTests {
 	static class CreateSessionAlwaysConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().permitAll()
 					.and()
 				.sessionManagement()
 					.sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
+			// @formatter:on
 		}
 	}
 
@@ -191,12 +199,14 @@ public class NamespaceHttpTests {
 	static class CreateSessionStatelessConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().permitAll()
 					.and()
 				.sessionManagement()
 					.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+			// @formatter:on
 		}
 	}
 
@@ -220,6 +230,7 @@ public class NamespaceHttpTests {
 	static class IfRequiredConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/unsecure").permitAll()
@@ -229,6 +240,7 @@ public class NamespaceHttpTests {
 					.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -246,12 +258,14 @@ public class NamespaceHttpTests {
 	static class CreateSessionNeverConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().anonymous()
 					.and()
 				.sessionManagement()
 					.sessionCreationPolicy(SessionCreationPolicy.NEVER);
+			// @formatter:on
 		}
 	}
 
@@ -268,6 +282,7 @@ public class NamespaceHttpTests {
 	static class EntryPointRefConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -276,6 +291,7 @@ public class NamespaceHttpTests {
 					.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/entry-point"))
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -299,8 +315,10 @@ public class NamespaceHttpTests {
 	static class JaasApiProvisionConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.addFilter(new JaasApiIntegrationFilter());
+			// @formatter:on
 		}
 	}
 
@@ -317,12 +335,14 @@ public class NamespaceHttpTests {
 	static class RealmConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
 					.and()
 				.httpBasic()
 					.realmName("RealmConfig");
+			// @formatter:on
 		}
 	}
 
@@ -341,8 +361,10 @@ public class NamespaceHttpTests {
 	static class RequestMatcherAntConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.antMatcher("/api/**");
+			// @formatter:on
 		}
 	}
 
@@ -361,8 +383,10 @@ public class NamespaceHttpTests {
 	static class RequestMatcherRegexConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.regexMatcher("/regex/.*");
+			// @formatter:on
 		}
 	}
 
@@ -381,8 +405,10 @@ public class NamespaceHttpTests {
 	static class RequestMatcherRefConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.requestMatcher(new MyRequestMatcher());
+			// @formatter:on
 		}
 
 		static class MyRequestMatcher implements RequestMatcher {
@@ -439,6 +465,7 @@ public class NamespaceHttpTests {
 	static class SecurityContextRepoConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -447,6 +474,7 @@ public class NamespaceHttpTests {
 					.securityContextRepository(new NullSecurityContextRepository())
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 
 		@Override
@@ -470,12 +498,14 @@ public class NamespaceHttpTests {
 	static class ServletApiProvisionConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().permitAll()
 					.and()
 				.servletApi()
 					.disable();
+			// @formatter:on
 		}
 	}
 
@@ -492,9 +522,11 @@ public class NamespaceHttpTests {
 	static class ServletApiProvisionDefaultsConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().permitAll();
+			// @formatter:on
 		}
 	}
 
@@ -525,11 +557,13 @@ public class NamespaceHttpTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/users**", "/sessions/**").hasRole("USER")
 					.antMatchers("/signup").permitAll()
 					.anyRequest().hasRole("USER");
+			// @formatter:on
 		}
 
 		@Override
@@ -560,11 +594,13 @@ public class NamespaceHttpTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.apply(new UrlAuthorizationConfigurer<>(getApplicationContext())).getRegistry()
 					.antMatchers("/users**", "/sessions/**").hasRole("USER")
 					.antMatchers("/signup").hasRole("ANONYMOUS")
 					.anyRequest().hasRole("USER");
+			// @formatter:on
 		}
 
 		@Override

config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java

@@ -77,11 +77,13 @@ public class EnableWebSecurityTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/*").hasRole("USER")
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java

@@ -127,10 +127,12 @@ public class WebSecurityConfigurationTests {
 
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/role1/**")
 					.authorizeRequests()
 						.anyRequest().hasRole("1");
+				// @formatter:on
 			}
 		}
 
@@ -139,10 +141,12 @@ public class WebSecurityConfigurationTests {
 		static class WebConfigurer2 extends WebSecurityConfigurerAdapter {
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/role2/**")
 					.authorizeRequests()
 						.anyRequest().hasRole("2");
+				// @formatter:on
 			}
 		}
 
@@ -151,10 +155,12 @@ public class WebSecurityConfigurationTests {
 		static class WebConfigurer3 extends WebSecurityConfigurerAdapter {
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/role3/**")
 					.authorizeRequests()
 						.anyRequest().hasRole("3");
+				// @formatter:on
 			}
 		}
 
@@ -163,9 +169,11 @@ public class WebSecurityConfigurationTests {
 
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.authorizeRequests()
 						.anyRequest().hasRole("4");
+				// @formatter:on
 			}
 		}
 	}
@@ -258,10 +266,12 @@ public class WebSecurityConfigurationTests {
 		static class WebConfigurer1 extends WebSecurityConfigurerAdapter {
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/role1/**")
 						.authorizeRequests()
 							.anyRequest().hasRole("1");
+				// @formatter:on
 			}
 		}
 
@@ -269,10 +279,12 @@ public class WebSecurityConfigurationTests {
 		static class WebConfigurer2 extends WebSecurityConfigurerAdapter {
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 					.antMatcher("/role2/**")
 						.authorizeRequests()
 							.anyRequest().hasRole("2");
+				// @formatter:on
 			}
 		}
 	}
@@ -319,10 +331,12 @@ public class WebSecurityConfigurationTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
 					.expressionHandler(EXPRESSION_HANDLER);
+			// @formatter:on
 		}
 	}
 
@@ -357,9 +371,11 @@ public class WebSecurityConfigurationTests {
 	static class WebSecurityExpressionHandlerDefaultsConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated();
+			// @formatter:on
 		}
 	}
 
@@ -436,9 +452,11 @@ public class WebSecurityConfigurationTests {
 	static class WebInvocationPrivilegeEvaluatorDefaultsConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated();
+			// @formatter:on
 		}
 	}
 
@@ -475,9 +493,11 @@ public class WebSecurityConfigurationTests {
 	static class DefaultExpressionHandlerSetsBeanResolverConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().access("request.method == 'GET' ? @b.grant() : @b.deny()");
+			// @formatter:on
 		}
 
 		@RestController
@@ -571,10 +591,12 @@ public class WebSecurityConfigurationTests {
 
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 						.antMatcher("/anonymous/**")
 						.authorizeRequests()
 						.anyRequest().anonymous();
+				// @formatter:on
 			}
 		}
 
@@ -583,9 +605,11 @@ public class WebSecurityConfigurationTests {
 
 			@Override
 			protected void configure(HttpSecurity http) throws Exception {
+				// @formatter:off
 				http
 						.authorizeRequests()
 						.anyRequest().authenticated();
+				// @formatter:on
 			}
 		}
 	}

config/src/test/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurerTests.java

@@ -60,12 +60,14 @@ public class AnonymousConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.anonymous()
 					.key("key")
 					.principal("principal")
 					.and()
 				.anonymous();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java

@@ -83,10 +83,12 @@ public class FormLoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.formLogin().and()
 				.requestCache()
 					.requestCache(this.requestCache);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityAntMatchersTests.java

@@ -78,12 +78,14 @@ public class HttpSecurityAntMatchersTests {
 	@Configuration
 	static class AntMatchersNoPatternsConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.requestMatchers()
 					.antMatchers(HttpMethod.POST)
 					.and()
 				.authorizeRequests()
 					.anyRequest().denyAll();
+			// @formatter:on
 		}
 
 		@Override
@@ -108,6 +110,7 @@ public class HttpSecurityAntMatchersTests {
 	@Configuration
 	static class AntMatchersEmptyPatternsConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.requestMatchers()
 					.antMatchers("/never/")
@@ -115,6 +118,7 @@ public class HttpSecurityAntMatchersTests {
 					.and()
 				.authorizeRequests()
 					.anyRequest().denyAll();
+			// @formatter:on
 		}
 
 		@Override

config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java

@@ -85,10 +85,12 @@ public class HttpSecurityLogoutTests {
 	@Configuration
 	static class ClearAuthenticationFalseConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.csrf().disable()
 				.logout()
 					.clearAuthentication(false);
+			// @formatter:on
 		}
 
 		@Override

config/src/test/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurerClearSiteDataTests.java

@@ -97,9 +97,11 @@ public class LogoutConfigurerClearSiteDataTests {
 	static class HttpLogoutConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.logout()
 					.addLogoutHandler(new HeaderWriterLogoutHandler(new ClearSiteDataHeaderWriter(SOURCE)));
+			// @formatter:on
 		}
 	}
 }

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.java

@@ -95,11 +95,13 @@ public class NamespaceHttpBasicTests {
 	@EnableWebSecurity
 	static class HttpBasicConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 	}
 
@@ -151,11 +153,13 @@ public class NamespaceHttpBasicTests {
 	static class CustomHttpBasicConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.httpBasic().realmName("Custom Realm");
+			// @formatter:on
 		}
 	}
 
@@ -207,9 +211,11 @@ public class NamespaceHttpBasicTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.httpBasic()
 					.authenticationDetailsSource(this.authenticationDetailsSource);
+			// @formatter:on
 		}
 
 		@Bean
@@ -278,12 +284,14 @@ public class NamespaceHttpBasicTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.httpBasic()
 					.authenticationEntryPoint(this.authenticationEntryPoint);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.java

@@ -67,9 +67,11 @@ public class NamespaceHttpCustomFilterTests {
 	@EnableWebSecurity
 	static class CustomFilterBeforeConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -82,9 +84,11 @@ public class NamespaceHttpCustomFilterTests {
 	@EnableWebSecurity
 	static class CustomFilterAfterConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.addFilterAfter(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -102,10 +106,12 @@ public class NamespaceHttpCustomFilterTests {
 		}
 
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				// this works so long as the CustomFilter extends one of the standard filters
 				// if not, use addFilterBefore or addFilterAfter
 				.addFilter(new CustomFilter());
+			// @formatter:on
 		}
 	}
 
@@ -124,8 +130,10 @@ public class NamespaceHttpCustomFilterTests {
 		}
 
 		protected void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.addFilterAt(new OtherCustomFilter(), UsernamePasswordAuthenticationFilter.class);
+			// @formatter:on
 		}
 	}
 
@@ -147,11 +155,13 @@ public class NamespaceHttpCustomFilterTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.java

@@ -86,11 +86,12 @@ public class NamespaceHttpExpressionHandlerTests {
 		protected void configure(HttpSecurity http) throws Exception {
 			DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
 			handler.setExpressionParser(expressionParser());
-
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.expressionHandler(handler)
 					.anyRequest().access("hasRole('USER')");
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.java

@@ -90,11 +90,13 @@ public class NamespaceHttpFormLoginTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 
@@ -120,6 +122,7 @@ public class NamespaceHttpFormLoginTests {
 	static class FormLoginCustomConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
 			boolean alwaysUseDefaultSuccess = true;
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -131,6 +134,7 @@ public class NamespaceHttpFormLoginTests {
 					.failureUrl("/authentication/login?failed") // form-login@authentication-failure-url
 					.loginProcessingUrl("/authentication/login/process") // form-login@login-processing-url
 					.defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // form-login@default-target-url / form-login@always-use-default-target
+			// @formatter:on
 		}
 	}
 
@@ -159,7 +163,7 @@ public class NamespaceHttpFormLoginTests {
 			SavedRequestAwareAuthenticationSuccessHandler successHandler =
 					new SavedRequestAwareAuthenticationSuccessHandler();
 			successHandler.setDefaultTargetUrl("/custom/targetUrl");
-
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -170,6 +174,7 @@ public class NamespaceHttpFormLoginTests {
 					.successHandler(successHandler) // form-login@authentication-success-handler-ref
 					.authenticationDetailsSource(authenticationDetailsSource()) // form-login@authentication-details-source-ref
 					.and();
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpHeadersTests.java

@@ -77,8 +77,10 @@ public class NamespaceHttpHeadersTests {
 	static class HeadersDefaultConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers();
+			// @formatter:on
 		}
 	}
 
@@ -94,10 +96,12 @@ public class NamespaceHttpHeadersTests {
 	static class HeadersCacheControlConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					.defaultsDisabled()
 					.cacheControl();
+			// @formatter:on
 		}
 	}
 
@@ -113,10 +117,12 @@ public class NamespaceHttpHeadersTests {
 	static class HstsConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					.defaultsDisabled()
 					.httpStrictTransportSecurity();
+			// @formatter:on
 		}
 	}
 
@@ -132,6 +138,7 @@ public class NamespaceHttpHeadersTests {
 	static class HstsCustomConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// hsts@request-matcher-ref, hsts@max-age-seconds, hsts@include-subdomains
@@ -140,6 +147,7 @@ public class NamespaceHttpHeadersTests {
 						.requestMatcher(AnyRequestMatcher.INSTANCE)
 						.maxAgeInSeconds(15768000)
 						.includeSubDomains(false);
+			// @formatter:on
 		}
 	}
 
@@ -155,12 +163,14 @@ public class NamespaceHttpHeadersTests {
 	static class FrameOptionsSameOriginConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// frame-options@policy=SAMEORIGIN
 					.defaultsDisabled()
 					.frameOptions()
 						.sameOrigin();
+			// @formatter:on
 		}
 	}
 
@@ -178,12 +188,14 @@ public class NamespaceHttpHeadersTests {
 	static class FrameOptionsAllowFromConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// frame-options@ref
 					.defaultsDisabled()
 					.addHeaderWriter(new XFrameOptionsHeaderWriter(
 							new StaticAllowFromStrategy(URI.create("https://example.com"))));
+			// @formatter:on
 		}
 	}
 
@@ -199,11 +211,13 @@ public class NamespaceHttpHeadersTests {
 	static class XssProtectionConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// xss-protection
 					.defaultsDisabled()
 					.xssProtection();
+			// @formatter:on
 		}
 	}
 
@@ -219,6 +233,7 @@ public class NamespaceHttpHeadersTests {
 	static class XssProtectionCustomConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// xss-protection@enabled and xss-protection@block
@@ -226,6 +241,7 @@ public class NamespaceHttpHeadersTests {
 					.xssProtection()
 						.xssProtectionEnabled(true)
 						.block(false);
+			// @formatter:on
 		}
 	}
 
@@ -241,11 +257,13 @@ public class NamespaceHttpHeadersTests {
 	static class ContentTypeOptionsConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					// content-type-options
 					.defaultsDisabled()
 					.contentTypeOptions();
+			// @formatter:on
 		}
 	}
 
@@ -263,10 +281,12 @@ public class NamespaceHttpHeadersTests {
 	static class HeaderRefConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.headers()
 					.defaultsDisabled()
 					.addHeaderWriter(new StaticHeadersWriter("customHeaderName", "customHeaderValue"));
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.java

@@ -120,6 +120,7 @@ public class NamespaceHttpInterceptUrlTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					// the line below is similar to intercept-url@pattern:
@@ -142,6 +143,7 @@ public class NamespaceHttpInterceptUrlTests {
 					// the line below is similar to intercept-url@requires-channel="http":
 					//    <intercept-url pattern="/**" requires-channel="http"/>
 					.anyRequest().requiresInsecure();
+			// @formatter:on
 		}
 
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.java

@@ -83,12 +83,14 @@ public class NamespaceHttpJeeTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("user")
 					.and()
 				.jee()
 					.mappableRoles("user", "admin");
+			// @formatter:on
 		}
 	}
 
@@ -120,6 +122,7 @@ public class NamespaceHttpJeeTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("user")
@@ -127,6 +130,7 @@ public class NamespaceHttpJeeTests {
 				.jee()
 					.mappableAuthorities("ROLE_user", "ROLE_admin")
 					.authenticatedUserDetailsService(this.authenticationUserDetailsService);
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpLogoutTests.java

@@ -122,12 +122,14 @@ public class NamespaceHttpLogoutTests {
 	static class CustomHttpLogoutConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.logout()
 					.deleteCookies("remove") // logout@delete-cookies
 					.invalidateHttpSession(false) // logout@invalidate-session=false (default is true)
 					.logoutUrl("/custom-logout") // logout@logout-url (default is /logout)
 					.logoutSuccessUrl("/logout-success"); // logout@success-url (default is /login?logout)
+			// @formatter:on
 		}
 	}
 
@@ -182,10 +184,11 @@ public class NamespaceHttpLogoutTests {
 			SimpleUrlLogoutSuccessHandler logoutSuccessHandler =
 					new SimpleUrlLogoutSuccessHandler();
 			logoutSuccessHandler.setDefaultTargetUrl("/SuccessHandlerRefHttpLogoutConfig");
-
+			// @formatter:off
 			http
 				.logout()
 					.logoutSuccessHandler(logoutSuccessHandler);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.java

@@ -97,12 +97,14 @@ public class NamespaceHttpOpenIDLoginTests {
 	static class OpenIDLoginConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.openidLogin()
 					.permitAll();
+			// @formatter:on
 		}
 	}
 
@@ -159,6 +161,7 @@ public class NamespaceHttpOpenIDLoginTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -191,6 +194,7 @@ public class NamespaceHttpOpenIDLoginTests {
 							.and()
 						.and()
 					.permitAll();
+			// @formatter:on
 		}
 	}
 
@@ -209,6 +213,7 @@ public class NamespaceHttpOpenIDLoginTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			boolean alwaysUseDefaultSuccess = true;
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -219,6 +224,7 @@ public class NamespaceHttpOpenIDLoginTests {
 					.failureUrl("/authentication/login?failed") // openid-login@authentication-failure-url
 					.loginProcessingUrl("/authentication/login/process") // openid-login@login-processing-url
 					.defaultSuccessUrl("/default", alwaysUseDefaultSuccess); // openid-login@default-target-url / openid-login@always-use-default-target
+			// @formatter:on
 		}
 	}
 
@@ -267,7 +273,7 @@ public class NamespaceHttpOpenIDLoginTests {
 			SavedRequestAwareAuthenticationSuccessHandler handler =
 					new SavedRequestAwareAuthenticationSuccessHandler();
 			handler.setDefaultTargetUrl("/custom/targetUrl");
-
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -285,7 +291,7 @@ public class NamespaceHttpOpenIDLoginTests {
 							return filter;
 						}
 					});
-
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.java

@@ -64,6 +64,7 @@ public class NamespaceHttpPortMappingsTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
@@ -74,6 +75,7 @@ public class NamespaceHttpPortMappingsTests {
 				.requiresChannel()
 					.antMatchers("/login", "/secured/**").requiresSecure()
 					.anyRequest().requiresInsecure();
+			// @formatter:on
 		}
 
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpRequestCacheTests.java

@@ -67,12 +67,14 @@ public class NamespaceHttpRequestCacheTests {
 	@EnableWebSecurity
 	static class RequestCacheRefConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
 					.and()
 				.requestCache()
 					.requestCache(requestCache());
+			// @formatter:on
 		}
 
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {
@@ -104,9 +106,11 @@ public class NamespaceHttpRequestCacheTests {
 	@EnableWebSecurity
 	static class DefaultRequestCacheRefConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated();
+			// @formatter:on
 		}
 
 		protected void configure(AuthenticationManagerBuilder auth) throws Exception {

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpServerAccessDeniedHandlerTests.java

@@ -70,12 +70,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests {
 	@EnableWebSecurity
 	static class AccessDeniedPageConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().denyAll()
 					.and()
 				.exceptionHandling()
 					.accessDeniedPage("/AccessDeniedPageConfig");
+			// @formatter:on
 		}
 	}
 
@@ -121,12 +123,14 @@ public class NamespaceHttpServerAccessDeniedHandlerTests {
 	@EnableWebSecurity
 	static class AccessDeniedHandlerRefConfig extends WebSecurityConfigurerAdapter {
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().denyAll()
 					.and()
 				.exceptionHandling()
 					.accessDeniedHandler(accessDeniedHandler());
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.java

@@ -88,11 +88,13 @@ public class NamespaceHttpX509Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509();
+			// @formatter:on
 		}
 	}
 
@@ -119,12 +121,14 @@ public class NamespaceHttpX509Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509()
 					.authenticationDetailsSource(authenticationDetailsSource());
+			// @formatter:on
 		}
 
 		@Bean
@@ -155,12 +159,14 @@ public class NamespaceHttpX509Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509()
 					.subjectPrincipalRegex("CN=(.*?)@example.com(?:,|$)");
+			// @formatter:on
 		}
 	}
 
@@ -184,12 +190,14 @@ public class NamespaceHttpX509Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509()
 					.x509PrincipalExtractor(this::extractCommonName);
+			// @formatter:on
 		}
 
 		private String extractCommonName(X509Certificate certificate) {
@@ -221,12 +229,14 @@ public class NamespaceHttpX509Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509()
 					.userDetailsService(username -> USER);
+			// @formatter:on
 		}
 	}
 
@@ -248,12 +258,14 @@ public class NamespaceHttpX509Tests {
 		}
 
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().hasRole("USER")
 					.and()
 				.x509()
 					.authenticationUserDetailsService(authentication -> USER);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceSessionManagementTests.java

@@ -174,6 +174,7 @@ public class NamespaceSessionManagementTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -187,6 +188,7 @@ public class NamespaceSessionManagementTests {
 						.maxSessionsPreventsLogin(true) // session-management/concurrency-control@error-if-maximum-exceeded
 						.expiredUrl("/expired-session") // session-management/concurrency-control@expired-url
 						.sessionRegistry(sessionRegistry()); // session-management/concurrency-control@session-registry-ref
+			// @formatter:on
 		}
 
 		@Bean
@@ -219,9 +221,11 @@ public class NamespaceSessionManagementTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.invalidSessionStrategy(invalidSessionStrategy());
+			// @formatter:on
 		}
 
 		@Bean
@@ -250,11 +254,13 @@ public class NamespaceSessionManagementTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.sessionAuthenticationStrategy(sessionAuthenticationStrategy()) // session-management@session-authentication-strategy-ref
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 
 		@Bean
@@ -283,11 +289,13 @@ public class NamespaceSessionManagementTests {
 	static class SFPNoneSessionManagementConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.sessionAuthenticationStrategy(new NullAuthenticatedSessionStrategy())
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 	}
 
@@ -314,10 +322,12 @@ public class NamespaceSessionManagementTests {
 	static class SFPMigrateSessionManagementConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 	}
 
@@ -338,10 +348,12 @@ public class NamespaceSessionManagementTests {
 	static class SFPPostProcessedConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 
 		@Bean
@@ -373,11 +385,13 @@ public class NamespaceSessionManagementTests {
 	static class SFPNewSessionSessionManagementConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement()
 					.sessionFixation().newSession()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.java

@@ -63,6 +63,7 @@ public class PermitAllSupportTests {
 	static class PermitAllConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -70,6 +71,7 @@ public class PermitAllSupportTests {
 				.formLogin()
 					.loginPage("/xyz").permitAll()
 					.loginProcessingUrl("/abc?def").permitAll();
+			// @formatter:on
 		}
 	}
 
@@ -85,9 +87,11 @@ public class PermitAllSupportTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.formLogin()
 					.permitAll();
+			// @formatter:on
 		}
 	}
 }

config/src/test/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurerTests.java

@@ -54,6 +54,7 @@ public class PortMapperConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.requiresChannel()
 					.anyRequest().requiresSecure()
@@ -62,6 +63,7 @@ public class PortMapperConfigurerTests {
 					.http(543).mapsTo(123)
 					.and()
 				.portMapper();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/RequestCacheConfigurerTests.java

@@ -260,11 +260,13 @@ public class RequestCacheConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerServlet31Tests.java

@@ -103,15 +103,15 @@ public class SessionManagementConfigurerServlet31Tests {
 	@EnableWebSecurity
 	static class SessionManagementDefaultSessionFixationServlet31Config extends
 			WebSecurityConfigurerAdapter {
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.formLogin()
 					.and()
 				.sessionManagement();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Override

config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionAuthenticationStrategyTests.java

@@ -60,16 +60,16 @@ public class SessionManagementConfigurerSessionAuthenticationStrategyTests {
 	static class CustomSessionAuthenticationStrategyConfig extends WebSecurityConfigurerAdapter {
 		static SessionAuthenticationStrategy customSessionAuthenticationStrategy = mock(SessionAuthenticationStrategy.class);
 
-		// @formatter:off
 		@Override
 		public void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.formLogin()
 					.and()
 				.sessionManagement()
 					.sessionAuthenticationStrategy(customSessionAuthenticationStrategy);
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Override

config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerSessionCreationPolicyTests.java

@@ -80,8 +80,10 @@ public class SessionManagementConfigurerSessionCreationPolicyTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			super.configure(http);
+			// @formatter:off
 			http
 					.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+			// @formatter:on
 
 			http.setSharedObject(SessionCreationPolicy.class, SessionCreationPolicy.ALWAYS);
 		}

config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java

@@ -70,9 +70,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			super.configure(http);
-
+			// @formatter:off
 			http
 				.csrf().disable();
+			// @formatter:on
 		}
 
 		@Override
@@ -86,8 +87,10 @@ public class SessionManagementConfigurerTransientAuthenticationTests {
 	static class AlwaysCreateSessionConfig extends WithTransientAuthenticationConfig {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java

@@ -268,6 +268,7 @@ public class OAuth2ClientConfigurerTests {
 	static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -279,6 +280,7 @@ public class OAuth2ClientConfigurerTests {
 					.authorizationCodeGrant()
 						.authorizationRequestResolver(authorizationRequestResolver)
 						.accessTokenResponseClient(accessTokenResponseClient);
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java

@@ -617,10 +617,12 @@ public class OAuth2LoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login()
 					.clientRegistrationRepository(
 						new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION));
+			// @formatter:on
 			super.configure(http);
 		}
 
@@ -658,12 +660,14 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigCustomWithConfigurer extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login()
 					.clientRegistrationRepository(
 							new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
 					.userInfoEndpoint()
 						.userAuthoritiesMapper(createGrantedAuthoritiesMapper());
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -672,8 +676,10 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigCustomWithBeanRegistration extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login();
+			// @formatter:on
 			super.configure(http);
 		}
 
@@ -692,6 +698,7 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigCustomUserServiceBeanRegistration extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -702,6 +709,7 @@ public class OAuth2LoginConfigurerTests {
 				.oauth2Login()
 					.tokenEndpoint()
 						.accessTokenResponseClient(createOauth2AccessTokenResponseClient());
+			// @formatter:on
 		}
 
 		@Bean
@@ -739,11 +747,13 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigLoginProcessingUrl extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login()
 					.clientRegistrationRepository(
 						new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
 					.loginProcessingUrl("/login/oauth2/*");
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -757,11 +767,13 @@ public class OAuth2LoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login()
 					.clientRegistrationRepository(this.clientRegistrationRepository)
 					.authorizationEndpoint()
 						.authorizationRequestResolver(this.resolver);
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -775,6 +787,7 @@ public class OAuth2LoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.oauth2Login(oauth2Login ->
 					oauth2Login
@@ -784,6 +797,7 @@ public class OAuth2LoginConfigurerTests {
 								.authorizationRequestResolver(this.resolver)
 						)
 				);
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -792,11 +806,13 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigMultipleClients extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 					.oauth2Login()
 					.clientRegistrationRepository(
 							new InMemoryClientRegistrationRepository(
 									GOOGLE_CLIENT_REGISTRATION, GITHUB_CLIENT_REGISTRATION));
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -805,11 +821,13 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigCustomLoginPage extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 					.oauth2Login()
 					.clientRegistrationRepository(
 							new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
 					.loginPage("/custom-login");
+			// @formatter:on
 			super.configure(http);
 		}
 	}
@@ -835,9 +853,11 @@ public class OAuth2LoginConfigurerTests {
 	static class OAuth2LoginConfigWithOidcLogoutSuccessHandler extends CommonWebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.logout()
 					.logoutSuccessHandler(oidcLogoutSuccessHandler());
+			// @formatter:on
 			super.configure(http);
 		}
 
@@ -859,6 +879,7 @@ public class OAuth2LoginConfigurerTests {
 	private static abstract class CommonWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -873,6 +894,7 @@ public class OAuth2LoginConfigurerTests {
 					.userInfoEndpoint()
 						.userService(createOauth2UserService())
 						.oidcUserService(createOidcUserService());
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java

@@ -1761,7 +1761,6 @@ public class OAuth2ResourceServerConfigurerTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			// @formatter:off
-
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -1769,7 +1768,6 @@ public class OAuth2ResourceServerConfigurerTests {
 				.oauth2ResourceServer()
 					.jwt()
 						.jwtAuthenticationConverter(getJwtAuthenticationConverter());
-
 			// @formatter:on
 		}
 
@@ -1783,7 +1781,6 @@ public class OAuth2ResourceServerConfigurerTests {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			// @formatter:off
-
 			http
 				.authorizeRequests()
 					.antMatchers("/requires-read-scope").access("hasAuthority('message:read')")
@@ -1791,7 +1788,6 @@ public class OAuth2ResourceServerConfigurerTests {
 				.oauth2ResourceServer()
 					.jwt()
 						.jwtAuthenticationConverter(getJwtAuthenticationConverter());
-
 			// @formatter:on
 		}
 
@@ -2255,6 +2251,7 @@ public class OAuth2ResourceServerConfigurerTests {
 					.jwt()
 						.and()
 					.opaqueToken();
+			// @formatter:on
 		}
 	}
 
@@ -2306,6 +2303,7 @@ public class OAuth2ResourceServerConfigurerTests {
 				.oauth2ResourceServer()
 					.authenticationManagerResolver(mock(AuthenticationManagerResolver.class))
 					.opaqueToken();
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurerTests.java

@@ -300,11 +300,13 @@ public class Saml2LoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests(authz -> authz
 						.anyRequest().authenticated()
 				)
 				.saml2Login(withDefaults());
+			// @formatter:on
 		}
 
 		@Bean
@@ -319,11 +321,13 @@ public class Saml2LoginConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests(authz -> authz
 					.anyRequest().authenticated()
 				)
 				.saml2Login(saml2 -> {});
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/core/GrantedAuthorityDefaultsJcTests.java

@@ -165,9 +165,11 @@ public class GrantedAuthorityDefaultsJcTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().access("hasRole('USER')");
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomConfigurer.java

@@ -42,17 +42,19 @@ public class CustomConfigurer extends SecurityConfigurerAdapter<DefaultSecurityF
 		// autowire this bean
 		ApplicationContext context = http.getSharedObject(ApplicationContext.class);
 		context.getAutowireCapableBeanFactory().autowireBean(this);
-
+		// @formatter:off
 		http
 			.authorizeRequests()
 				.antMatchers(permitAllPattern).permitAll()
 				.anyRequest().authenticated();
-
+		// @formatter:on
 		if (http.getConfigurer(FormLoginConfigurer.class) == null) {
 			// only apply if formLogin() was not invoked by the user
+			// @formatter:off
 			http
 				.formLogin()
 					.loginPage(loginPage);
+			// @formatter:on
 		}
 	}
 

config/src/test/java/org/springframework/security/config/http/customconfigurer/CustomHttpSecurityConfigurerTests.java

@@ -120,9 +120,11 @@ public class CustomHttpSecurityConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.apply(customConfigurer())
 					.loginPage("/custom");
+			// @formatter:on
 		}
 
 		@Bean
@@ -142,12 +144,14 @@ public class CustomHttpSecurityConfigurerTests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.apply(customConfigurer())
 					.and()
 				.csrf().disable()
 				.formLogin()
 					.loginPage("/other");
+			// @formatter:on
 		}
 
 		@Bean

config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java

@@ -117,8 +117,10 @@ public class OAuth2ClientSpecTests {
 	static class Config {
 		@Bean
 		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.oauth2Client();
+			// @formatter:on
 			return http.build();
 		}
 
@@ -208,6 +210,7 @@ public class OAuth2ClientSpecTests {
 
 		@Bean
 		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.oauth2Client()
 					.authenticationConverter(this.authenticationConverter)
@@ -215,6 +218,7 @@ public class OAuth2ClientSpecTests {
 					.authorizationRequestRepository(this.authorizationRequestRepository)
 					.and()
 				.requestCache(c -> c.requestCache(this.requestCache));
+			// @formatter:on
 			return http.build();
 		}
 	}
@@ -274,6 +278,7 @@ public class OAuth2ClientSpecTests {
 
 		@Bean
 		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.oauth2Client(oauth2Client ->
 					oauth2Client
@@ -281,6 +286,7 @@ public class OAuth2ClientSpecTests {
 						.authenticationManager(this.manager)
 						.authorizationRequestRepository(this.authorizationRequestRepository))
 				.requestCache(c -> c.requestCache(this.requestCache));
+			// @formatter:on
 			return http.build();
 		}
 	}

config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java

@@ -253,12 +253,14 @@ public class OAuth2LoginTests {
 
 		@Bean
 		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.requestCache()
 					.requestCache(this.requestCache)
 					.and()
 				.oauth2Login()
 					.authorizationRequestRepository(this.authorizationRequestRepository);
+			// @formatter:on
 			return http.build();
 		}
 
@@ -395,6 +397,7 @@ public class OAuth2LoginTests {
 
 		@Bean
 		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.authorizeExchange()
 					.anyExchange().authenticated()
@@ -406,6 +409,7 @@ public class OAuth2LoginTests {
 					.authorizationRequestResolver(resolver)
 					.authenticationSuccessHandler(successHandler)
 					.authenticationFailureHandler(failureHandler);
+			// @formatter:on
 			return http.build();
 		}
 	}
@@ -474,6 +478,7 @@ public class OAuth2LoginTests {
 
 		@Bean
 		public SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
+			// @formatter:off
 			http
 				.authorizeExchange(exchanges ->
 					exchanges
@@ -487,6 +492,7 @@ public class OAuth2LoginTests {
 						.authorizationRequestResolver(resolver)
 						.authenticationSuccessHandler(successHandler)
 				);
+			// @formatter:on
 			return http.build();
 		}
 	}
@@ -715,7 +721,7 @@ public class OAuth2LoginTests {
 
 		@Bean
 		public SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
-
+			// @formatter:off
 			http
 				.csrf().disable()
 				.logout()
@@ -726,7 +732,7 @@ public class OAuth2LoginTests {
 									new InMemoryReactiveClientRegistrationRepository(this.withLogout)))
 					.and()
 				.securityContextRepository(this.repository);
-
+			// @formatter:on
 			return http.build();
 		}
 

config/src/test/java/org/springframework/security/config/web/server/OAuth2ResourceServerSpecTests.java

@@ -486,8 +486,6 @@ public class OAuth2ResourceServerSpecTests {
 					.jwt()
 						.publicKey(publicKey());
 			// @formatter:on
-
-
 			return http.build();
 		}
 	}
@@ -511,7 +509,6 @@ public class OAuth2ResourceServerSpecTests {
 						)
 				);
 			// @formatter:on
-
 			return http.build();
 		}
 	}
@@ -533,8 +530,6 @@ public class OAuth2ResourceServerSpecTests {
 					.jwt()
 						.publicKey(this.key);
 			// @formatter:on
-
-
 			return http.build();
 		}
 	}
@@ -877,6 +872,7 @@ public class OAuth2ResourceServerSpecTests {
 				.oauth2ResourceServer()
 					.authenticationManagerResolver(mock(ReactiveAuthenticationManagerResolver.class))
 					.opaqueToken();
+			// @formatter:on
 
 			return http.build();
 		}

test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java

@@ -148,12 +148,14 @@ public class Sec2935Tests {
 
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
 
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests.java

@@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsAuthenticationStatelessTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			super.configure(http);
-
+			// @formatter:off
 			http
 				.sessionManagement()
 					.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2ClientTests.java

@@ -165,11 +165,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2ClientTests {
 	static class OAuth2ClientConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests(authz -> authz
 					.anyRequest().permitAll()
 				)
 				.oauth2Client();
+			// @formatter:on
 		}
 
 		@Bean

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java

@@ -167,11 +167,13 @@ public class SecurityMockMvcRequestPostProcessorsOAuth2LoginTests {
 	static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests(authorize -> authorize
 					.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
 					.anyRequest().hasAuthority("SCOPE_read")
 				).oauth2Login();
+			// @formatter:on
 		}
 
 		@Bean

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java

@@ -173,12 +173,14 @@ public class SecurityMockMvcRequestPostProcessorsOidcLoginTests {
 	static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
 					.anyRequest().hasAuthority("SCOPE_read")
 					.and()
 				.oauth2Login();
+			// @formatter:on
 		}
 
 		@Bean

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOpaqueTokenTests.java

@@ -130,6 +130,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
 	static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.mvcMatchers("/admin/**").hasAuthority("SCOPE_admin")
@@ -138,6 +139,7 @@ public class SecurityMockMvcRequestPostProcessorsOpaqueTokenTests {
 				.oauth2ResourceServer()
 					.opaqueToken()
 						.introspector(mock(OpaqueTokenIntrospector.class));
+			// @formatter:on
 		}
 
 		@RestController

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTests.java

@@ -72,16 +72,15 @@ public class SecurityMockMvcRequestPostProcessorsTestSecurityContextStatelessTes
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
 			super.configure(http);
-
+			// @formatter:off
 			http
 				.sessionManagement()
 					.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/csrf/CustomCsrfShowcaseTests.java

@@ -74,14 +74,14 @@ public class CustomCsrfShowcaseTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.csrf()
 					.csrfTokenRepository(repo());
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomConfigAuthenticationTests.java

@@ -91,9 +91,9 @@ public class CustomConfigAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -105,8 +105,8 @@ public class CustomConfigAuthenticationTests {
 					.usernameParameter("user")
 					.passwordParameter("pass")
 					.loginPage("/authenticate");
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Bean

test/src/test/java/org/springframework/security/test/web/servlet/showcase/login/CustomLoginRequestBuilderAuthenticationTests.java

@@ -81,9 +81,9 @@ public class CustomLoginRequestBuilderAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.anyRequest().authenticated()
@@ -92,8 +92,8 @@ public class CustomLoginRequestBuilderAuthenticationTests {
 					.usernameParameter("user")
 					.passwordParameter("pass")
 					.loginPage("/authenticate");
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Bean

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/DefaultfSecurityRequestsTests.java

@@ -85,17 +85,17 @@ public class DefaultfSecurityRequestsTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/SecurityRequestsTests.java

@@ -103,17 +103,17 @@ public class SecurityRequestsTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserAuthenticationTests.java

@@ -87,17 +87,17 @@ public class WithUserAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserClassLevelAuthenticationTests.java

@@ -87,17 +87,17 @@ public class WithUserClassLevelAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.httpBasic();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		// @formatter:off
 		@Autowired

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java

@@ -79,17 +79,17 @@ public class WithUserDetailsAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		@Bean
 		@Override

test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java

@@ -79,17 +79,17 @@ public class WithUserDetailsClassLevelAuthenticationTests {
 	@EnableWebMvc
 	static class Config extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.authorizeRequests()
 					.antMatchers("/admin/**").hasRole("ADMIN")
 					.anyRequest().authenticated()
 					.and()
 				.formLogin();
+			// @formatter:on
 		}
-		// @formatter:on
 
 		@Bean
 		@Override

test/src/test/java/org/springframework/security/test/web/support/WebTestUtilsTests.java

@@ -189,29 +189,29 @@ public class WebTestUtilsTests {
 		static CsrfTokenRepository CSRF_REPO;
 		static SecurityContextRepository CONTEXT_REPO;
 
-		// @formatter:off
 		@Override
 		protected void configure(HttpSecurity http) throws Exception {
+			// @formatter:off
 			http
 				.csrf()
 					.csrfTokenRepository(CSRF_REPO)
 					.and()
 				.securityContext()
 					.securityContextRepository(CONTEXT_REPO);
+			// @formatter:on
 		}
-		// @formatter:on
 	}
 
 	@EnableWebSecurity
 	static class PartialSecurityConfig extends WebSecurityConfigurerAdapter {
 
-		// @formatter:off
 		@Override
 		public void configure(HttpSecurity http) {
+			// @formatter:off
 			http
 				.antMatcher("/willnotmatchthis");
+			// @formatter:on
 		}
-		// @formatter:on
 	}
 
 	@Configuration