SEC-3063: rm ConditionalOnMissingBean for @Primary

ConditionalOnMissingBean can only work in a Spring Boot environment. This
means this approach is flawed.

Instead users that wish to override requestDataValueProcessor can use
@Primary.

config/src/main/java/org/springframework/security/config/annotation/web/configuration/ConditionalOnMissingBean.java

@@ -1,13 +0,0 @@
-package org.springframework.security.config.annotation.web.configuration;
-
-import org.springframework.context.annotation.Conditional;
-
-/**
- * @author Rob Winch
- * @since 4.0
- */
-@Conditional(OnMissingBeanCondition.class)
-@interface ConditionalOnMissingBean {
-
-	Class<?> value();
-}

config/src/main/java/org/springframework/security/config/annotation/web/configuration/OnMissingBeanCondition.java

@@ -1,40 +0,0 @@
-/*
- * Copyright 2002-2015 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License. You may obtain a copy of
- * the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.springframework.security.config.annotation.web.configuration;
-
-import java.util.Map;
-
-import org.springframework.context.annotation.ConditionContext;
-import org.springframework.context.annotation.ConfigurationCondition;
-import org.springframework.core.type.AnnotatedTypeMetadata;
-
-/**
- * @author Rob Winch
- */
-class OnMissingBeanCondition implements ConfigurationCondition {
-	public ConfigurationPhase getConfigurationPhase() {
-		return ConfigurationPhase.REGISTER_BEAN;
-	}
-
-	public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
-		Map<String, Object> attrs = metadata
-				.getAnnotationAttributes(ConditionalOnMissingBean.class.getName());
-
-		Class<?> type = (Class<?>) attrs.get("value");
-		final Map<String, ?> beans = context.getBeanFactory().getBeansOfType(type);
-		return beans.isEmpty();
-	}
-}

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java

@@ -47,7 +47,6 @@ class WebMvcSecurityConfiguration extends WebMvcConfigurerAdapter {
 		argumentResolvers.add(new CsrfTokenArgumentResolver());
 	}
 
-	@ConditionalOnMissingBean(RequestDataValueProcessor.class)
 	@Bean
 	public RequestDataValueProcessor requestDataValueProcessor() {
 		return new CsrfRequestDataValueProcessor();

config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerNoWebMvcTests.java

@@ -24,6 +24,7 @@ import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.annotation.AnnotationConfigApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -78,6 +79,7 @@ public class CsrfConfigurerNoWebMvcTests {
 	@EnableWebSecurity
 	static class EnableWebOverrideRequestDataConfig {
 		@Bean
+		@Primary
 		public RequestDataValueProcessor requestDataValueProcessor() {
 			return mock(RequestDataValueProcessor.class);
 		}