Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 20:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update HandlerMappingIntrospector Usage in CORS support

Browse Source 
Closes gh-16501

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
This commit is contained in:
Evgeniy Cheban 2025-02-26 21:47:45 +02:00 committed by Josh Cummings
parent ba1045e61d
commit ad1ee28f01
3 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
config/src/main/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurer.java
View File

@ -107,15 +107,14 @@ public class CorsConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHt
* @return * @return
*/ */
private static CorsFilter getMvcCorsFilter(ApplicationContext context) { private static CorsFilter getMvcCorsFilter(ApplicationContext context) {
if (!context.containsBean(HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME)) { if (context.getBeanNamesForType(CorsConfigurationSource.class).length > 0) {
throw new NoSuchBeanDefinitionException(HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME, "A Bean named " CorsConfigurationSource corsConfigurationSource = context
+ HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME + " of type " .getBean(HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME, CorsConfigurationSource.class);
+ HandlerMappingIntrospector.class.getName() return new CorsFilter(corsConfigurationSource);
+ " is required to use MvcRequestMatcher. Please ensure Spring Security & Spring MVC are configured in a shared ApplicationContext.");
} }
HandlerMappingIntrospector mappingIntrospector = context.getBean(HANDLER_MAPPING_INTROSPECTOR_BEAN_NAME, throw new NoSuchBeanDefinitionException(CorsConfigurationSource.class,
HandlerMappingIntrospector.class); "Failed to find a bean that implements `CorsConfigurationSource`. Please ensure that you are using "
return new CorsFilter(mappingIntrospector); + "`@EnableWebMvc`, are publishing a `WebMvcConfigurer`, or are publishing a `CorsConfigurationSource` bean.");
} }
} }

3
config/src/test/java/org/springframework/security/config/annotation/web/configurers/CorsConfigurerTests.java
View File

@ -70,7 +70,8 @@ public class CorsConfigurerTests {
assertThatExceptionOfType(BeanCreationException.class) assertThatExceptionOfType(BeanCreationException.class)
.isThrownBy(() -> this.spring.register(DefaultCorsConfig.class).autowire()) .isThrownBy(() -> this.spring.register(DefaultCorsConfig.class).autowire())
.withMessageContaining( .withMessageContaining(
"Please ensure Spring Security & Spring MVC are configured in a shared ApplicationContext"); "Please ensure that you are using `@EnableWebMvc`, are publishing a `WebMvcConfigurer`, "
+ "or are publishing a `CorsConfigurationSource` bean.");
} }
@Test @Test

3
config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt
View File

@ -56,7 +56,8 @@ class CorsDslTests {
fun `CORS when no MVC then exception`() { fun `CORS when no MVC then exception`() {
assertThatThrownBy { this.spring.register(DefaultCorsConfig::class.java).autowire() } assertThatThrownBy { this.spring.register(DefaultCorsConfig::class.java).autowire() }
.isInstanceOf(BeanCreationException::class.java) .isInstanceOf(BeanCreationException::class.java)
.hasMessageContaining("Please ensure Spring Security & Spring MVC are configured in a shared ApplicationContext") .hasMessageContaining("Please ensure that you are using `@EnableWebMvc`, are publishing a `WebMvcConfigurer`, " +
"or are publishing a `CorsConfigurationSource` bean.")
} }