From b3be35da31ccabafbd46fdf61a355a1a9a8d2fdf Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Tue, 28 Jun 2022 11:45:35 -0600 Subject: [PATCH] Polish SecurityContextHolderStrategy XML Configuration for Defaults Issue gh-11061 --- .../security/config/http/HttpConfigurationBuilder.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java index 683ebcc76f..e38cd5dd8b 100644 --- a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java +++ b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java @@ -601,6 +601,7 @@ class HttpConfigurationBuilder { this.servApiFilter = GrantedAuthorityDefaultsParserUtils.registerWithDefaultRolePrefix(this.pc, SecurityContextHolderAwareRequestFilterBeanFactory.class); this.servApiFilter.getPropertyValues().add("authenticationManager", authenticationManager); + this.servApiFilter.getPropertyValues().add("securityContextHolderStrategy", this.holderStrategyRef); } } @@ -903,12 +904,20 @@ class HttpConfigurationBuilder { private SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter(); + private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder + .getContextHolderStrategy(); + @Override public SecurityContextHolderAwareRequestFilter getBean() { + this.filter.setSecurityContextHolderStrategy(this.securityContextHolderStrategy); this.filter.setRolePrefix(this.rolePrefix); return this.filter; } + void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy) { + this.securityContextHolderStrategy = securityContextHolderStrategy; + } + } static class SecurityContextHolderStrategyFactory implements FactoryBean {