Deprecate PortResolver

Closes gh-15972

docs/modules/ROOT/pages/migration-7/web.adoc

@@ -102,3 +102,46 @@ Xml::
 </b:bean>
 ----
 ======
+
+== PortResolver
+
+Spring Security uses an API called `PortResolver` to provide a workaround for a bug in Internet Explorer.
+The workaround is no longer necessary and can cause users problems in some scenarios.
+For this reason, Spring Security 7 will remove the `PortResolver` interface.
+
+To prepare for this change, users should expose the `PortResolver.NO_OP` as a Bean named `portResolver`.
+This ensures that the `PortResolver` implementation that is used is a no-op (e.g. does nothing) which simulates the removal of `PortResolver`.
+An example configuration can be found below:
+
+[tabs]
+======
+Java::
++
+[source,java,role="primary"]
+----
+@Bean
+PortResolver portResolver() {
+	return PortResolver.NO_OP;
+}
+----
+
+Kotlin::
++
+[source,kotlin,role="secondary"]
+----
+@Bean
+open fun portResolver(): PortResolver {
+    return PortResolver.NO_OP
+}
+----
+
+Xml::
++
+[source,xml,role="secondary"]
+----
+
+<util:constant id="portResolver"
+    static-field="org.springframework.security.web.PortResolver.NO_OP">
+----
+======
+

web/src/main/java/org/springframework/security/web/PortResolver.java

@@ -28,7 +28,9 @@ import jakarta.servlet.ServletRequest;
  * </p>
  *
  * @author Ben Alex
+ * @deprecated This existed for an old IE bug and is no longer need.
  */
+@Deprecated(forRemoval = true, since = "6.5")
 public interface PortResolver {
 
 	PortResolver NO_OP = new PortResolver() {

web/src/main/java/org/springframework/security/web/PortResolverImpl.java

@@ -35,7 +35,9 @@ import org.springframework.util.Assert;
  * {@link PortMapper}.
  *
  * @author Ben Alex
+ * @deprecated This existed for an old IE bug and is no longer need.
  */
+@Deprecated(forRemoval = true)
 public class PortResolverImpl implements PortResolver {
 
 	private PortMapper portMapper = new PortMapperImpl();

web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java

@@ -86,11 +86,13 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 		this.portMapper = portMapper;
 	}
 
+	@Deprecated(forRemoval = true)
 	public void setPortResolver(PortResolver portResolver) {
 		Assert.notNull(portResolver, "portResolver cannot be null");
 		this.portResolver = portResolver;
 	}
 
+	@Deprecated(forRemoval = true)
 	protected final PortResolver getPortResolver() {
 		return this.portResolver;
 	}

web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java

@@ -235,11 +235,13 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 		return this.portMapper;
 	}
 
+	@Deprecated(forRemoval = true)
 	public void setPortResolver(PortResolver portResolver) {
 		Assert.notNull(portResolver, "portResolver cannot be null");
 		this.portResolver = portResolver;
 	}
 
+	@Deprecated(forRemoval = true)
 	protected PortResolver getPortResolver() {
 		return this.portResolver;
 	}

web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java

@@ -100,11 +100,21 @@ public class DefaultSavedRequest implements SavedRequest {
 
 	private final String matchingRequestParameterName;
 
+	public DefaultSavedRequest(HttpServletRequest request) {
+		this(request, (String) null);
+	}
+
+	public DefaultSavedRequest(HttpServletRequest request, String matchingRequestParameterName) {
+		this(request, PortResolver.NO_OP, matchingRequestParameterName);
+	}
+
+	@Deprecated(forRemoval = true)
 	public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver) {
 		this(request, portResolver, null);
 	}
 
 	@SuppressWarnings("unchecked")
+	@Deprecated(forRemoval = true)
 	public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver,
 			String matchingRequestParameterName) {
 		Assert.notNull(request, "Request required");
@@ -221,7 +231,10 @@ public class DefaultSavedRequest implements SavedRequest {
 	 * @param request the actual request to be matched against this one
 	 * @param portResolver used to obtain the server port of the request
 	 * @return true if the request is deemed to match this one.
+	 * @deprecated This is deprecated for removal. Users can compare
+	 * {@link #getRedirectUrl()} to the {@link HttpServletRequest} URL instead.
 	 */
+	@Deprecated(forRemoval = true)
 	public boolean doesRequestMatch(HttpServletRequest request, PortResolver portResolver) {
 		if (!propertyEquals(this.pathInfo, request.getPathInfo())) {
 			return false;

web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java

@@ -164,6 +164,7 @@ public class HttpSessionRequestCache implements RequestCache {
 		this.createSessionAllowed = createSessionAllowed;
 	}
 
+	@Deprecated(forRemoval = true)
 	public void setPortResolver(PortResolver portResolver) {
 		this.portResolver = portResolver;
 	}

web/src/test/java/org/springframework/security/MockPortResolver.java

@@ -25,7 +25,9 @@ import org.springframework.security.web.PortResolver;
  *
  * @author Ben Alex
  * @author nomoreFt
+ * @deprecated
  */
+@Deprecated(forRemoval = true)
 public class MockPortResolver implements PortResolver {
 
 	private static final String HTTPS_SCHEME = "https";