From b07cd701c7c6a441fa00df7382c45f23ff6a0bd6 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 11:34:47 +0700 Subject: [PATCH 01/16] Add `compile-warnings-error` Closes gh-18423 Signed-off-by: Tran Ngoc Nhan --- dependencies/spring-security-dependencies.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 513ec88747..9a3dcf9f9e 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -1,5 +1,6 @@ plugins { id 'java-platform' + id 'compile-warnings-error' } javaPlatform { From 18ab4dc2c874a337b084b8aa10076f28a7e000b1 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 11:37:36 +0700 Subject: [PATCH 02/16] Add `compile-warnings-error` Closes gh-18425 Signed-off-by: Tran Ngoc Nhan --- javascript/spring-security-javascript.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/javascript/spring-security-javascript.gradle b/javascript/spring-security-javascript.gradle index d6c1f9d979..29acc8dda0 100644 --- a/javascript/spring-security-javascript.gradle +++ b/javascript/spring-security-javascript.gradle @@ -18,6 +18,7 @@ plugins { id 'base' id 'com.github.node-gradle.node' version '7.1.0' + id 'compile-warnings-error' } node { From f906539fe42f800fbc617f2e8c8c6dce4bb66732 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 11:49:27 +0700 Subject: [PATCH 03/16] Add `compile-warnings-error` Closes gh-18426 Signed-off-by: Tran Ngoc Nhan --- kerberos/kerberos-client/spring-security-kerberos-client.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/kerberos/kerberos-client/spring-security-kerberos-client.gradle b/kerberos/kerberos-client/spring-security-kerberos-client.gradle index 5b2cc4501c..cd914fd1be 100644 --- a/kerberos/kerberos-client/spring-security-kerberos-client.gradle +++ b/kerberos/kerberos-client/spring-security-kerberos-client.gradle @@ -2,6 +2,7 @@ plugins { id 'security-nullability' id 'io.spring.convention.spring-module' id 'javadoc-warnings-error' + id 'compile-warnings-error' } description = 'Spring Security Kerberos Client' From fb19143c91b42570d95ecc6f4d7a34da976754a8 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 11:59:56 +0700 Subject: [PATCH 04/16] Add `compile-warnings-error` Closes gh-18427 Signed-off-by: Tran Ngoc Nhan --- kerberos/kerberos-core/spring-security-kerberos-core.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/kerberos/kerberos-core/spring-security-kerberos-core.gradle b/kerberos/kerberos-core/spring-security-kerberos-core.gradle index 1aa30ee3d6..29534cd493 100644 --- a/kerberos/kerberos-core/spring-security-kerberos-core.gradle +++ b/kerberos/kerberos-core/spring-security-kerberos-core.gradle @@ -2,6 +2,7 @@ plugins { id 'security-nullability' id 'io.spring.convention.spring-module' id 'javadoc-warnings-error' + id 'compile-warnings-error' } description = 'Spring Security Kerberos Core' From 1c8bbda7af7812425a77154cdf1858148049a10b Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 12:03:57 +0700 Subject: [PATCH 05/16] Add `compile-warnings-error` Closes gh-18428 Signed-off-by: Tran Ngoc Nhan --- kerberos/kerberos-test/spring-security-kerberos-test.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/kerberos/kerberos-test/spring-security-kerberos-test.gradle b/kerberos/kerberos-test/spring-security-kerberos-test.gradle index 9d220c6c9b..6cc3c9a456 100644 --- a/kerberos/kerberos-test/spring-security-kerberos-test.gradle +++ b/kerberos/kerberos-test/spring-security-kerberos-test.gradle @@ -1,6 +1,7 @@ plugins { id 'io.spring.convention.spring-module' id 'javadoc-warnings-error' + id 'compile-warnings-error' id 'security-nullability' } From bd49ceb0efe458f801da59b3cb0d7a0131e1c24a Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 12:17:45 +0700 Subject: [PATCH 06/16] Add `compile-warnings-error` Closes gh-18429 Signed-off-by: Tran Ngoc Nhan --- kerberos/kerberos-web/spring-security-kerberos-web.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/kerberos/kerberos-web/spring-security-kerberos-web.gradle b/kerberos/kerberos-web/spring-security-kerberos-web.gradle index 2bd605253b..59aee10312 100644 --- a/kerberos/kerberos-web/spring-security-kerberos-web.gradle +++ b/kerberos/kerberos-web/spring-security-kerberos-web.gradle @@ -2,6 +2,7 @@ plugins { id 'security-nullability' id 'io.spring.convention.spring-module' id 'javadoc-warnings-error' + id 'compile-warnings-error' } description = 'Spring Security Kerberos Web' From 30975df0a7f2cdbfa3684198a9593c801c796d19 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 12:26:18 +0700 Subject: [PATCH 07/16] Add `compile-warnings-error` Closes gh-18431 Signed-off-by: Tran Ngoc Nhan --- messaging/spring-security-messaging.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/messaging/spring-security-messaging.gradle b/messaging/spring-security-messaging.gradle index 2767b07209..64f27682e0 100644 --- a/messaging/spring-security-messaging.gradle +++ b/messaging/spring-security-messaging.gradle @@ -1,6 +1,7 @@ plugins { id 'security-nullability' id 'javadoc-warnings-error' + id 'compile-warnings-error' } apply plugin: 'io.spring.convention.spring-module' From d526bb460f64bd40e4e8bc88f436c99bb1d32b20 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 13:19:40 +0700 Subject: [PATCH 08/16] Add `compile-warnings-error` Closes gh-18438 Signed-off-by: Tran Ngoc Nhan --- .../spring-security-saml2-service-provider.gradle | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle b/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle index 140f8a91e7..76164ca23a 100644 --- a/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle +++ b/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle @@ -1,3 +1,7 @@ +plugins { + id 'compile-warnings-error' +} + apply plugin: 'io.spring.convention.spring-module' configurations { @@ -109,6 +113,7 @@ dependencies { testRuntimeOnly 'org.junit.platform:junit-platform-launcher' testRuntimeOnly 'org.hsqldb:hsqldb' + opensamlFiveMain "org.apiguardian:apiguardian-api:1.1.2" } jar { From 3c0fd6d7ca8523d838fa199bc9fdd1caecca1898 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 12:28:36 +0700 Subject: [PATCH 09/16] Add `compile-warnings-error` Closes gh-18417 Signed-off-by: Tran Ngoc Nhan --- bom/spring-security-bom.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/bom/spring-security-bom.gradle b/bom/spring-security-bom.gradle index 69b6d399a2..9b0ce272fa 100644 --- a/bom/spring-security-bom.gradle +++ b/bom/spring-security-bom.gradle @@ -1,6 +1,7 @@ import io.spring.gradle.convention.SpringModulePlugin apply plugin: 'io.spring.convention.bom' +apply plugin: 'compile-warnings-error' dependencies { constraints { From c3240c4d2b755a282c54f04edb2bc4035eba0acc Mon Sep 17 00:00:00 2001 From: jihunparkkk Date: Sun, 25 Jan 2026 03:23:20 +0900 Subject: [PATCH 10/16] Remove compiler warnings for spring-security-rsocket Closes gh-18437 Signed-off-by: jihunparkkk --- rsocket/spring-security-rsocket.gradle | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rsocket/spring-security-rsocket.gradle b/rsocket/spring-security-rsocket.gradle index f0994bf593..c876c15d47 100644 --- a/rsocket/spring-security-rsocket.gradle +++ b/rsocket/spring-security-rsocket.gradle @@ -1,4 +1,5 @@ plugins { + id 'compile-warnings-error' id 'security-nullability' } @@ -8,6 +9,7 @@ dependencies { management platform(project(":spring-security-dependencies")) api project(':spring-security-core') api 'io.rsocket:rsocket-core' + compileOnly 'com.google.code.findbugs:jsr305:3.0.2' optional project(':spring-security-oauth2-resource-server') optional 'org.springframework:spring-messaging' testImplementation 'io.projectreactor:reactor-test' From a23be5e625f0e7e34c8dd00f7909cc7c9fa6079d Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Sun, 25 Jan 2026 13:27:24 +0700 Subject: [PATCH 11/16] Add `compile-warnings-error` Closes gh-18439 Signed-off-by: Tran Ngoc Nhan --- taglibs/spring-security-taglibs.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/taglibs/spring-security-taglibs.gradle b/taglibs/spring-security-taglibs.gradle index 875bf8220a..44971937aa 100644 --- a/taglibs/spring-security-taglibs.gradle +++ b/taglibs/spring-security-taglibs.gradle @@ -1,5 +1,6 @@ plugins { id 'security-nullability' + id 'compile-warnings-error' } apply plugin: 'io.spring.convention.spring-module' From 9fa0a34b4c16ba8c4cfe8d302ab26ff2eefaeeaf Mon Sep 17 00:00:00 2001 From: LeeJiWon Date: Thu, 22 Jan 2026 21:49:56 +0900 Subject: [PATCH 12/16] Remove compiler warnings in spring-security-ldap - Add compile-warnings-error plugin to ldap module - Replace org.springframework.lang.NonNull with org.jspecify.annotations.NonNull - Add @SuppressWarnings for unchecked/rawtypes/deprecation warnings Closes gh-18405 Signed-off-by: LeeJiWon --- ldap/spring-security-ldap.gradle | 1 + .../ldap/DefaultSpringSecurityContextSourceTests.java | 4 +++- .../security/ldap/SpringSecurityLdapTemplateITests.java | 1 + .../authentication/PasswordComparisonAuthenticatorTests.java | 1 + ...ultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java | 1 + .../ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java | 1 + .../authentication/AbstractLdapAuthenticationProvider.java | 2 +- .../ldap/authentication/AbstractLdapAuthenticator.java | 3 ++- .../security/ldap/server/UnboundIdContainer.java | 2 +- .../security/ldap/userdetails/LdapUserDetailsManager.java | 1 + .../PasswordComparisonAuthenticatorMockTests.java | 1 + .../UserDetailsServiceLdapAuthoritiesPopulatorTests.java | 1 + 12 files changed, 15 insertions(+), 4 deletions(-) diff --git a/ldap/spring-security-ldap.gradle b/ldap/spring-security-ldap.gradle index 287e5c1ae4..eb682ed69a 100644 --- a/ldap/spring-security-ldap.gradle +++ b/ldap/spring-security-ldap.gradle @@ -1,5 +1,6 @@ apply plugin: 'io.spring.convention.spring-module' apply plugin: 'javadoc-warnings-error' +apply plugin: 'compile-warnings-error' dependencies { management platform(project(":spring-security-dependencies")) diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java index 59e0a0ea29..44448189a1 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java @@ -68,6 +68,7 @@ public class DefaultSpringSecurityContextSourceTests { } @Test + @SuppressWarnings({ "unchecked", "rawtypes" }) public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() { EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource( "ldap://blah:789/dc=springframework,dc=org"); @@ -79,6 +80,7 @@ public class DefaultSpringSecurityContextSourceTests { } @Test + @SuppressWarnings({ "unchecked", "rawtypes" }) public void poolingFlagIsNotSetWhenAuthenticationDnIsNotManagerUserDn() { EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource( "ldap://blah:789/dc=springframework,dc=org"); @@ -170,13 +172,13 @@ public class DefaultSpringSecurityContextSourceTests { .isThrownBy(() -> new DefaultSpringSecurityContextSource(serverUrls, "dc=springframework,dc=org")); } + @SuppressWarnings({ "unchecked", "rawtypes" }) static class EnvExposingDefaultSpringSecurityContextSource extends DefaultSpringSecurityContextSource { EnvExposingDefaultSpringSecurityContextSource(String providerUrl) { super(providerUrl); } - @SuppressWarnings("unchecked") Hashtable getAuthenticatedEnvForTest(String userDn, String password) { return getAuthenticatedEnv(userDn, password); } diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java index 25d65e1215..6b7aed63d2 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java @@ -89,6 +89,7 @@ public class SpringSecurityLdapTemplateITests { // } @Test + @SuppressWarnings("unchecked") public void namingExceptionIsTranslatedCorrectly() { assertThatExceptionOfType(UncategorizedLdapException.class) .isThrownBy(() -> this.template.executeReadOnly((ContextExecutor) (dirContext) -> { diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java index a7598b3c4e..6336e1fd16 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java @@ -47,6 +47,7 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException */ @ExtendWith(SpringExtension.class) @ContextConfiguration(classes = UnboundIdContainerConfig.class) +@SuppressWarnings("deprecation") public class PasswordComparisonAuthenticatorTests { @Autowired diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java index 928b111ab4..33a5539594 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java @@ -57,6 +57,7 @@ public class DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests { } @Test + @SuppressWarnings("deprecation") public void groupSearchDoesNotAllowNullRoles() { this.populator.setRolePrefix("ROLE_"); this.populator.setGroupRoleAttribute("ou"); diff --git a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java index 3139673b43..9d3023e595 100644 --- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java @@ -116,6 +116,7 @@ public class NestedLdapAuthoritiesPopulatorTests { } @Test + @SuppressWarnings("unchecked") public void testClosureDudeJDevelopersWithMembershipAsAttributeValues() { this.populator.setAttributeNames(new HashSet(Arrays.asList("member"))); diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java index ac78d44b5a..9ee853b110 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java @@ -21,11 +21,11 @@ import java.util.LinkedHashSet; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.jspecify.annotations.NonNull; import org.springframework.context.MessageSource; import org.springframework.context.MessageSourceAware; import org.springframework.context.support.MessageSourceAccessor; -import org.springframework.lang.NonNull; import org.springframework.ldap.core.DirContextOperations; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.BadCredentialsException; diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java index 4b33cb3b9f..0017c39bc9 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java @@ -21,11 +21,12 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; +import org.jspecify.annotations.NonNull; + import org.springframework.beans.factory.InitializingBean; import org.springframework.context.MessageSource; import org.springframework.context.MessageSourceAware; import org.springframework.context.support.MessageSourceAccessor; -import org.springframework.lang.NonNull; import org.springframework.ldap.core.ContextSource; import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.ldap.search.LdapUserSearch; diff --git a/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java b/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java index ec0efba60b..75fcdaaaa8 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java +++ b/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java @@ -25,6 +25,7 @@ import com.unboundid.ldap.sdk.DN; import com.unboundid.ldap.sdk.Entry; import com.unboundid.ldap.sdk.LDAPException; import com.unboundid.ldif.LDIFReader; +import org.jspecify.annotations.NonNull; import org.springframework.beans.BeansException; import org.springframework.beans.factory.DisposableBean; @@ -34,7 +35,6 @@ import org.springframework.context.ApplicationContextAware; import org.springframework.context.ConfigurableApplicationContext; import org.springframework.context.Lifecycle; import org.springframework.core.io.Resource; -import org.springframework.lang.NonNull; import org.springframework.util.StringUtils; /** diff --git a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java index 422b239a0f..08f57fd484 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java +++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java @@ -369,6 +369,7 @@ public class LdapUserDetailsManager implements UserDetailsManager { this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})"; } + @SuppressWarnings("unchecked") public void setRoleMapper(AttributesMapper roleMapper) { this.roleMapper = roleMapper; } diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java index f5c2d8b4ae..dbf4beae3a 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java @@ -38,6 +38,7 @@ import static org.mockito.Mockito.mock; public class PasswordComparisonAuthenticatorMockTests { @Test + @SuppressWarnings("unchecked") public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception { final DirContext dirCtx = mock(DirContext.class); final BaseLdapPathContextSource source = mock(BaseLdapPathContextSource.class); diff --git a/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java b/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java index 192e51829f..8910e53f60 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java @@ -38,6 +38,7 @@ import static org.mockito.Mockito.mock; public class UserDetailsServiceLdapAuthoritiesPopulatorTests { @Test + @SuppressWarnings("unchecked") public void delegationToUserDetailsServiceReturnsCorrectRoles() { UserDetailsService uds = mock(UserDetailsService.class); UserDetails user = mock(UserDetails.class); From 89467605cacad8ecff77aef670af80474595fab6 Mon Sep 17 00:00:00 2001 From: LeeJiWon Date: Sat, 24 Jan 2026 14:54:49 +0900 Subject: [PATCH 13/16] Deprecate single-arg PasswordComparisonAuthenticator ctor Add new constructor accepting PasswordEncoder to eventually remove deprecated LdapShaPasswordEncoder usage. Closes gh-18430 Signed-off-by: LeeJiWon --- .../PasswordComparisonAuthenticator.java | 15 ++++++++++++++- .../PasswordComparisonAuthenticatorMockTests.java | 1 + 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java index e158e87235..dd07d2349c 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java @@ -52,14 +52,27 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic private static final Log logger = LogFactory.getLog(PasswordComparisonAuthenticator.class); - private PasswordEncoder passwordEncoder = new LdapShaPasswordEncoder(KeyGenerators.shared(0)); + private PasswordEncoder passwordEncoder; private String passwordAttributeName = "userPassword"; private boolean usePasswordAttrCompare = false; + /** + * @deprecated Use + * {@link #PasswordComparisonAuthenticator(BaseLdapPathContextSource, PasswordEncoder)} + * instead + */ + @Deprecated(since = "7.1") + @SuppressWarnings("deprecation") public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource) { + this(contextSource, new LdapShaPasswordEncoder(KeyGenerators.shared(0))); + } + + public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource, PasswordEncoder passwordEncoder) { super(contextSource); + Assert.notNull(passwordEncoder, "passwordEncoder must not be null"); + this.passwordEncoder = passwordEncoder; } @Override diff --git a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java index dbf4beae3a..5162fda236 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java @@ -35,6 +35,7 @@ import static org.mockito.Mockito.mock; /** * @author Luke Taylor */ +@SuppressWarnings("deprecation") public class PasswordComparisonAuthenticatorMockTests { @Test From 99eb7b1e5cd2a75864fde4ba8ddb9120e10d5d34 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 03:06:34 +0000 Subject: [PATCH 14/16] Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.6 to 3.27.7. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.6...assertj-build-3.27.7) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index a57cb27106..1d5807702a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -59,7 +59,7 @@ org-apereo-cas-client-cas-client-core = "org.apereo.cas.client:cas-client-core:4 io-freefair-gradle-aspectj-plugin = "io.freefair.gradle:aspectj-plugin:8.13.1" org-aspectj-aspectjrt = { module = "org.aspectj:aspectjrt", version.ref = "org-aspectj" } org-aspectj-aspectjweaver = { module = "org.aspectj:aspectjweaver", version.ref = "org-aspectj" } -org-assertj-assertj-core = "org.assertj:assertj-core:3.27.6" +org-assertj-assertj-core = "org.assertj:assertj-core:3.27.7" org-bouncycastle-bcpkix-jdk15on = { module = "org.bouncycastle:bcpkix-jdk18on", version.ref = "org-bouncycastle" } org-bouncycastle-bcprov-jdk15on = { module = "org.bouncycastle:bcprov-jdk18on", version.ref = "org-bouncycastle" } org-eclipse-jetty-jetty-server = { module = "org.eclipse.jetty:jetty-server", version.ref = "org-eclipse-jetty" } From 6f6dbd5728bd61aec38fa2c8031026dc9a9dc155 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 03:07:12 +0000 Subject: [PATCH 15/16] Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.25 to 1.5.26. - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](https://github.com/qos-ch/logback/compare/v_1.5.25...v_1.5.26) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.26 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 1d5807702a..9e4aa578bd 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -16,7 +16,7 @@ org-springframework = "7.0.3" com-password4j = "1.8.4" [libraries] -ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.25" +ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.26" com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.20.2" com-google-inject-guice = "com.google.inject:guice:3.0" com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0" From c7d52242fb849149699279d8ae7627f5984cadbc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 03:03:22 +0000 Subject: [PATCH 16/16] Bump io.mockk:mockk from 1.14.7 to 1.14.9 Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.7 to 1.14.9. - [Release notes](https://github.com/mockk/mockk/releases) - [Commits](https://github.com/mockk/mockk/compare/1.14.7...1.14.9) --- updated-dependencies: - dependency-name: io.mockk:mockk dependency-version: 1.14.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 9e4aa578bd..d27b51a2cb 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ com-jayway-jsonpath-json-path = "com.jayway.jsonpath:json-path:2.9.0" commons-collections = "commons-collections:commons-collections:3.2.2" io-micrometer-context-propagation = "io.micrometer:context-propagation:1.1.3" io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.14" -io-mockk = "io.mockk:mockk:1.14.7" +io-mockk = "io.mockk:mockk:1.14.9" io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2025.0.2" io-rsocket-rsocket-bom = { module = "io.rsocket:rsocket-bom", version.ref = "io-rsocket" } io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javaformat:spring-javaformat-checkstyle", version.ref = "io-spring-javaformat" }