Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-12 07:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update shouldConvertGetRequests Migration Steps

Browse Source 
Issue gh-17099
This commit is contained in:
Josh Cummings 2025-06-03 13:08:51 -06:00
parent f73f253beb
commit 492444c588
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
1 changed files with 6 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/modules/ROOT/pages/migration/servlet/oauth2.adoc
View File

@ -83,9 +83,9 @@ fun jwtDecoder(): JwtDecoder {
Spring Security does not support processing `<saml2:Response>` payloads over GET as this is not supported by the SAML 2.0 spec.
To better comply with this, `Saml2AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
To better comply with this, `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, and `OpenSaml5AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
To prepare for this, the property `shouldConvertGetRequests` is available.
To use it, publish your own `Saml2AuthenticationTokenConverter` like so:
To use it, publish your own converter like so:
[tabs]
======
@ -94,9 +94,8 @@ Java::
[source,java,role="primary"]
----
@Bean
Saml2AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
Saml2AuhenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(
new DefaultRelyingPartyRegistrationResolver(registrations));
OpenSaml5AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
OpenSaml5AuthenticationTokenConverter authenticationConverter = new OpenSaml5AuthenticationTokenConverter(registrations);
authenticationConverter.setShouldConvertGetRequests(false);
return authenticationConverter;
}
@ -108,12 +107,11 @@ Kotlin::
----
@Bean
fun authenticationConverter(val registrations: RelyingPartyRegistrationRepository): Saml2AuthenticationTokenConverter {
val authenticationConverter = new Saml2AuthenticationTokenConverter(
DefaultRelyingPartyRegistrationResolver(registrations))
val authenticationConverter = Saml2AuthenticationTokenConverter(registrations)
authenticationConverter.setShouldConvertGetRequests(false)
return authenticationConverter
}
----
======
If you must continue using `Saml2AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`
If you must continue using `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, or `OpenSaml5AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`