From 9417f0279093717a4ecadccfdbcd501d21cb7ef3 Mon Sep 17 00:00:00 2001
From: Rob Winch <362503+rwinch@users.noreply.github.com>
Date: Wed, 26 Feb 2025 16:10:09 -0600
Subject: [PATCH] Deprecate PortResolver

Closes gh-15972
---
 docs/modules/ROOT/pages/migration-7/web.adoc | 43 +++++++++++++++++++
 .../security/web/PortResolver.java | 2 +
 .../security/web/PortResolverImpl.java | 2 +
 .../channel/AbstractRetryEntryPoint.java | 2 +
 .../LoginUrlAuthenticationEntryPoint.java | 2 +
 .../web/savedrequest/DefaultSavedRequest.java | 13 ++++++
 .../savedrequest/HttpSessionRequestCache.java | 1 +
 .../security/MockPortResolver.java | 2 +
 8 files changed, 67 insertions(+)

diff --git a/docs/modules/ROOT/pages/migration-7/web.adoc b/docs/modules/ROOT/pages/migration-7/web.adoc
index df8527d08a..c3c201d5a1 100644
--- a/docs/modules/ROOT/pages/migration-7/web.adoc
+++ b/docs/modules/ROOT/pages/migration-7/web.adoc
@@ -102,3 +102,46 @@ Xml::
 ----
 ======
+
+== PortResolver
+
+Spring Security uses an API called `PortResolver` to provide a workaround for a bug in Internet Explorer.
+The workaround is no longer necessary and can cause users problems in some scenarios.
+For this reason, Spring Security 7 will remove the `PortResolver` interface.
+
+To prepare for this change, users should expose the `PortResolver.NO_OP` as a Bean named `portResolver`.
+This ensures that the `PortResolver` implementation that is used is a no-op (e.g. does nothing) which simulates the removal of `PortResolver`.
+An example configuration can be found below:
+
+[tabs]
+======
+Java::
++
+[source,java,role="primary"]
+----
+@Bean
+PortResolver portResolver() {
+ return PortResolver.NO_OP;
+}
+----
+
+Kotlin::
++
+[source,kotlin,role="secondary"]
+----
+@Bean
+open fun portResolver(): PortResolver {
+ return PortResolver.NO_OP
+}
+----
+
+Xml::
++
+[source,xml,role="secondary"]
+----
+
+
+----
+======
+
diff --git a/web/src/main/java/org/springframework/security/web/PortResolver.java b/web/src/main/java/org/springframework/security/web/PortResolver.java
index 98758d1776..bf953f82e2 100644
--- a/web/src/main/java/org/springframework/security/web/PortResolver.java
+++ b/web/src/main/java/org/springframework/security/web/PortResolver.java
@@ -28,7 +28,9 @@ import jakarta.servlet.ServletRequest;
 *

 *
 * @author Ben Alex
+ * @deprecated This existed for an old IE bug and is no longer need.
 */
+@Deprecated(forRemoval = true, since = "6.5")
 public interface PortResolver {
 PortResolver NO_OP = new PortResolver() {
diff --git a/web/src/main/java/org/springframework/security/web/PortResolverImpl.java b/web/src/main/java/org/springframework/security/web/PortResolverImpl.java
index 037838d8cb..3e186a0399 100644
--- a/web/src/main/java/org/springframework/security/web/PortResolverImpl.java
+++ b/web/src/main/java/org/springframework/security/web/PortResolverImpl.java
@@ -35,7 +35,9 @@ import org.springframework.util.Assert;
 * {@link PortMapper}.
 *
 * @author Ben Alex
+ * @deprecated This existed for an old IE bug and is no longer need.
 */
+@Deprecated(forRemoval = true)
 public class PortResolverImpl implements PortResolver {
 private PortMapper portMapper = new PortMapperImpl();
diff --git a/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
index 1db1321625..ad0346d4aa 100644
--- a/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java
@@ -86,11 +86,13 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 this.portMapper = portMapper;
 }
+ @Deprecated(forRemoval = true)
 public void setPortResolver(PortResolver portResolver) {
 Assert.notNull(portResolver, "portResolver cannot be null");
 this.portResolver = portResolver;
 }
+ @Deprecated(forRemoval = true)
 protected final PortResolver getPortResolver() {
 return this.portResolver;
 }
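Review bot: The `@deprecated` sentence added to the `PortResolver` Javadoc has a typo ("is no longer need") and names no replacement, and the identical sentence is repeated in the `PortResolverImpl` hunk. Something like ` * @deprecated This existed for an old IE bug and is no longer needed; use {@link PortResolver#NO_OP} until removal.` would match what the migration guide in this patch recommends. Also, `since = "6.5"` is set only on this annotation; the other `@Deprecated(forRemoval = true)` annotations in the patch (`PortResolverImpl`, the port-resolver accessors, the `DefaultSavedRequest` members, `MockPortResolver`) omit it, so the deprecation version is recorded in one place only.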
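Review bot: `setPortResolver` and `getPortResolver` in `AbstractRetryEntryPoint` receive `@Deprecated(forRemoval = true)` but no Javadoc `@deprecated` tag, so a caller gets a removal warning with no hint of what to do instead. The same gap is in the two accessors of the `LoginUrlAuthenticationEntryPoint` hunk and in `setPortResolver` of the `HttpSessionRequestCache` hunk. If the intended guidance is simply to stop configuring a resolver, a one-line comment such as `/** @deprecated {@link PortResolver} is deprecated for removal; no replacement is needed. */` on each would say so. The class body continues outside the hunk.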
diff --git a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
index 5e62d2ebeb..95e2e45212 100644
--- a/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java
@@ -235,11 +235,13 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 return this.portMapper;
 }
+ @Deprecated(forRemoval = true)
 public void setPortResolver(PortResolver portResolver) {
 Assert.notNull(portResolver, "portResolver cannot be null");
 this.portResolver = portResolver;
 }
+ @Deprecated(forRemoval = true)
 protected PortResolver getPortResolver() {
 return this.portResolver;
 }
diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
index e221477e72..41cf0f6589 100644
--- a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
+++ b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
@@ -100,11 +100,21 @@ public class DefaultSavedRequest implements SavedRequest {
 private final String matchingRequestParameterName;
+ public DefaultSavedRequest(HttpServletRequest request) {
+ this(request, (String) null);
+ }
+
+ public DefaultSavedRequest(HttpServletRequest request, String matchingRequestParameterName) {
+ this(request, PortResolver.NO_OP, matchingRequestParameterName);
+ }
+
+ @Deprecated(forRemoval = true)
 public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver) {
 this(request, portResolver, null);
 }
 @SuppressWarnings("unchecked")
+ @Deprecated(forRemoval = true)
 public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver, String matchingRequestParameterName) {
 Assert.notNull(request, "Request required");
@@ -221,7 +231,10 @@ public class DefaultSavedRequest implements SavedRequest {
 * @param request the actual request to be matched against this one
 * @param portResolver used to obtain the server port of the request
 * @return true if the request is deemed to match this one.
+ * @deprecated This is deprecated for removal. Users can compare
+ * {@link #getRedirectUrl()} to the {@link HttpServletRequest} URL instead.
 */
+ @Deprecated(forRemoval = true)
 public boolean doesRequestMatch(HttpServletRequest request, PortResolver portResolver) {
 if (!propertyEquals(this.pathInfo, request.getPathInfo())) {
 return false;
diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java b/web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java
index 549a0fcfb4..b6702d8b6e 100644
--- a/web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java
+++ b/web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java
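Review bot: The two new public `DefaultSavedRequest` constructors are added without Javadoc or `@since`, and nothing says that they always use `PortResolver.NO_OP`, which presumably means the saved server port is whatever the request reports. A short Javadoc on each stating that, with `@since 6.5`, would make the behaviour change visible to callers moving off the deprecated overloads. Separately, the new `(HttpServletRequest, String)` overload makes a literal `null` second argument ambiguous with the deprecated `(HttpServletRequest, PortResolver)` overload, which is why the patch itself has to write `this(request, (String) null);`. The body of the three-argument constructor continues outside the hunk.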
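Review bot: The `@deprecated` note on `doesRequestMatch` tells users to compare `getRedirectUrl()` with "the `HttpServletRequest` URL", but it names no method that yields a comparable full URL, and the visible body checks more than a URL (it starts with `pathInfo`). Since this match presumably decides whether a cached request is treated as the one being replayed, the replacement should be spelled out, for example ` * @deprecated Compare {@link #getRedirectUrl()} with {@code UrlUtils.buildFullRequestUrl(request)} instead.`. The note should also say whether dropping the field-by-field comparison is intended. The method body continues outside the hunk.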
@@ -164,6 +164,7 @@ public class HttpSessionRequestCache implements RequestCache {
 this.createSessionAllowed = createSessionAllowed;
 }
+ @Deprecated(forRemoval = true)
 public void setPortResolver(PortResolver portResolver) {
 this.portResolver = portResolver;
 }
diff --git a/web/src/test/java/org/springframework/security/MockPortResolver.java b/web/src/test/java/org/springframework/security/MockPortResolver.java
index db35ae0b82..0c21fd265b 100644
--- a/web/src/test/java/org/springframework/security/MockPortResolver.java
+++ b/web/src/test/java/org/springframework/security/MockPortResolver.java
@@ -25,7 +25,9 @@ import org.springframework.security.web.PortResolver;
 *
 * @author Ben Alex
 * @author nomoreFt
+ * @deprecated
 */
+@Deprecated(forRemoval = true)
 public class MockPortResolver implements PortResolver {
 private static final String HTTPS_SCHEME = "https";