Only Register as Advisor in Proxy Mode
Now that https://github.com/spring-projects/spring-framework/issues/30689 is addressed. Closes gh-13198
This commit is contained in:
parent
6e2c9b421b
commit
1abfd2c801
|
@ -17,9 +17,9 @@
|
||||||
package org.springframework.security.config.annotation.method.configuration;
|
package org.springframework.security.config.annotation.method.configuration;
|
||||||
|
|
||||||
import io.micrometer.observation.ObservationRegistry;
|
import io.micrometer.observation.ObservationRegistry;
|
||||||
|
import org.aopalliance.intercept.MethodInterceptor;
|
||||||
import org.aopalliance.intercept.MethodInvocation;
|
import org.aopalliance.intercept.MethodInvocation;
|
||||||
|
|
||||||
import org.springframework.aop.Advisor;
|
|
||||||
import org.springframework.beans.factory.ObjectProvider;
|
import org.springframework.beans.factory.ObjectProvider;
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
|
@ -46,7 +46,8 @@ final class Jsr250MethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor jsr250AuthorizationMethodInterceptor(ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
static MethodInterceptor jsr250AuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
||||||
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
||||||
ObjectProvider<ObservationRegistry> registryProvider) {
|
ObjectProvider<ObservationRegistry> registryProvider) {
|
||||||
Jsr250AuthorizationManager jsr250 = new Jsr250AuthorizationManager();
|
Jsr250AuthorizationManager jsr250 = new Jsr250AuthorizationManager();
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2002-2023 the original author or authors.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.springframework.security.config.annotation.method.configuration;
|
||||||
|
|
||||||
|
import org.springframework.aop.Advisor;
|
||||||
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
|
import org.springframework.beans.factory.support.BeanDefinitionRegistry;
|
||||||
|
import org.springframework.beans.factory.support.RootBeanDefinition;
|
||||||
|
import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
|
||||||
|
import org.springframework.core.type.AnnotationMetadata;
|
||||||
|
|
||||||
|
class MethodSecurityAdvisorRegistrar implements ImportBeanDefinitionRegistrar {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void registerBeanDefinitions(AnnotationMetadata importingClassMetadata, BeanDefinitionRegistry registry) {
|
||||||
|
registerAsAdvisor("preFilterAuthorization", registry);
|
||||||
|
registerAsAdvisor("preAuthorizeAuthorization", registry);
|
||||||
|
registerAsAdvisor("postFilterAuthorization", registry);
|
||||||
|
registerAsAdvisor("postAuthorizeAuthorization", registry);
|
||||||
|
registerAsAdvisor("securedAuthorization", registry);
|
||||||
|
registerAsAdvisor("jsr250Authorization", registry);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void registerAsAdvisor(String prefix, BeanDefinitionRegistry registry) {
|
||||||
|
String interceptorName = prefix + "MethodInterceptor";
|
||||||
|
if (!registry.containsBeanDefinition(interceptorName)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
BeanDefinition definition = registry.getBeanDefinition(interceptorName);
|
||||||
|
if (!(definition instanceof RootBeanDefinition)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
RootBeanDefinition advisor = new RootBeanDefinition((RootBeanDefinition) definition);
|
||||||
|
advisor.setTargetType(Advisor.class);
|
||||||
|
registry.registerBeanDefinition(prefix + "Advisor", advisor);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright 2002-2022 the original author or authors.
|
* Copyright 2002-2023 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
|
@ -60,7 +60,8 @@ final class MethodSecuritySelector implements ImportSelector {
|
||||||
|
|
||||||
private static final class AutoProxyRegistrarSelector extends AdviceModeImportSelector<EnableMethodSecurity> {
|
private static final class AutoProxyRegistrarSelector extends AdviceModeImportSelector<EnableMethodSecurity> {
|
||||||
|
|
||||||
private static final String[] IMPORTS = new String[] { AutoProxyRegistrar.class.getName() };
|
private static final String[] IMPORTS = new String[] { AutoProxyRegistrar.class.getName(),
|
||||||
|
MethodSecurityAdvisorRegistrar.class.getName() };
|
||||||
|
|
||||||
private static final String[] ASPECTJ_IMPORTS = new String[] {
|
private static final String[] ASPECTJ_IMPORTS = new String[] {
|
||||||
MethodSecurityAspectJAutoProxyRegistrar.class.getName() };
|
MethodSecurityAspectJAutoProxyRegistrar.class.getName() };
|
||||||
|
|
|
@ -17,8 +17,8 @@
|
||||||
package org.springframework.security.config.annotation.method.configuration;
|
package org.springframework.security.config.annotation.method.configuration;
|
||||||
|
|
||||||
import io.micrometer.observation.ObservationRegistry;
|
import io.micrometer.observation.ObservationRegistry;
|
||||||
|
import org.aopalliance.intercept.MethodInterceptor;
|
||||||
|
|
||||||
import org.springframework.aop.Advisor;
|
|
||||||
import org.springframework.beans.factory.ObjectProvider;
|
import org.springframework.beans.factory.ObjectProvider;
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.context.ApplicationContext;
|
import org.springframework.context.ApplicationContext;
|
||||||
|
@ -52,7 +52,8 @@ final class PrePostMethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor preFilterAuthorizationMethodInterceptor(ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
static MethodInterceptor preFilterAuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
||||||
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
||||||
ObjectProvider<SecurityContextHolderStrategy> strategyProvider, ApplicationContext context) {
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider, ApplicationContext context) {
|
||||||
PreFilterAuthorizationMethodInterceptor preFilter = new PreFilterAuthorizationMethodInterceptor();
|
PreFilterAuthorizationMethodInterceptor preFilter = new PreFilterAuthorizationMethodInterceptor();
|
||||||
|
@ -64,7 +65,8 @@ final class PrePostMethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor preAuthorizeAuthorizationMethodInterceptor(ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
static MethodInterceptor preAuthorizeAuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
||||||
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
||||||
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
||||||
ObjectProvider<AuthorizationEventPublisher> eventPublisherProvider,
|
ObjectProvider<AuthorizationEventPublisher> eventPublisherProvider,
|
||||||
|
@ -81,7 +83,8 @@ final class PrePostMethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor postAuthorizeAuthorizationMethodInterceptor(ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
static MethodInterceptor postAuthorizeAuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
||||||
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
||||||
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
||||||
ObjectProvider<AuthorizationEventPublisher> eventPublisherProvider,
|
ObjectProvider<AuthorizationEventPublisher> eventPublisherProvider,
|
||||||
|
@ -98,7 +101,8 @@ final class PrePostMethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor postFilterAuthorizationMethodInterceptor(ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
static MethodInterceptor postFilterAuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<GrantedAuthorityDefaults> defaultsProvider,
|
||||||
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
|
||||||
ObjectProvider<SecurityContextHolderStrategy> strategyProvider, ApplicationContext context) {
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider, ApplicationContext context) {
|
||||||
PostFilterAuthorizationMethodInterceptor postFilter = new PostFilterAuthorizationMethodInterceptor();
|
PostFilterAuthorizationMethodInterceptor postFilter = new PostFilterAuthorizationMethodInterceptor();
|
||||||
|
|
|
@ -17,9 +17,9 @@
|
||||||
package org.springframework.security.config.annotation.method.configuration;
|
package org.springframework.security.config.annotation.method.configuration;
|
||||||
|
|
||||||
import io.micrometer.observation.ObservationRegistry;
|
import io.micrometer.observation.ObservationRegistry;
|
||||||
|
import org.aopalliance.intercept.MethodInterceptor;
|
||||||
import org.aopalliance.intercept.MethodInvocation;
|
import org.aopalliance.intercept.MethodInvocation;
|
||||||
|
|
||||||
import org.springframework.aop.Advisor;
|
|
||||||
import org.springframework.beans.factory.ObjectProvider;
|
import org.springframework.beans.factory.ObjectProvider;
|
||||||
import org.springframework.beans.factory.config.BeanDefinition;
|
import org.springframework.beans.factory.config.BeanDefinition;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
|
@ -46,7 +46,8 @@ final class SecuredMethodSecurityConfiguration {
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
|
||||||
Advisor securedAuthorizationMethodInterceptor(ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
static MethodInterceptor securedAuthorizationMethodInterceptor(
|
||||||
|
ObjectProvider<SecurityContextHolderStrategy> strategyProvider,
|
||||||
ObjectProvider<ObservationRegistry> registryProvider) {
|
ObjectProvider<ObservationRegistry> registryProvider) {
|
||||||
SecuredAuthorizationManager secured = new SecuredAuthorizationManager();
|
SecuredAuthorizationManager secured = new SecuredAuthorizationManager();
|
||||||
SecurityContextHolderStrategy strategy = strategyProvider
|
SecurityContextHolderStrategy strategy = strategyProvider
|
||||||
|
|
Loading…
Reference in New Issue