Fix test failures related to response headers

These tests began failing on snapshots after changes in
Spring Framework's `DispatcherServlet` to reset the response
on an error.

For now, we can have these tests operate with a 200 OK response.
An issue was opened in the spring-framework issuer tracker to
discuss this and address `CorsFilter` (and any other filter) that
writes headers that would be cleared on an error.

See spring-projects/spring-framework#31154

config/src/test/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurerEagerHeadersTests.java

@@ -31,6 +31,8 @@ import org.springframework.security.config.test.SpringTestContextExtension;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.header.HeaderWriterFilter;
 import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
 
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
@@ -50,7 +52,7 @@ public class HeadersConfigurerEagerHeadersTests {
 
 	@Test
 	public void requestWhenHeadersEagerlyConfiguredThenHeadersAreWritten() throws Exception {
-		this.spring.register(HeadersAtTheBeginningOfRequestConfig.class).autowire();
+		this.spring.register(HeadersAtTheBeginningOfRequestConfig.class, HomeController.class).autowire();
 		this.mvc.perform(get("/").secure(true)).andExpect(header().string("X-Content-Type-Options", "nosniff"))
 				.andExpect(header().string("X-Frame-Options", "DENY"))
 				.andExpect(header().string("Strict-Transport-Security", "max-age=31536000 ; includeSubDomains"))
@@ -82,4 +84,14 @@ public class HeadersConfigurerEagerHeadersTests {
 
 	}
 
+	@RestController
+	private static class HomeController {
+
+		@GetMapping("/")
+		String ok() {
+			return "ok";
+		}
+
+	}
+
 }

config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurerTests.java

@@ -124,7 +124,7 @@ public class HttpBasicConfigurerTests {
 	// SEC-3019
 	@Test
 	public void httpBasicWhenRememberMeConfiguredThenSetsRememberMeCookie() throws Exception {
-		this.spring.register(BasicUsesRememberMeConfig.class).autowire();
+		this.spring.register(BasicUsesRememberMeConfig.class, Home.class).autowire();
 		MockHttpServletRequestBuilder rememberMeRequest = get("/").with(httpBasic("user", "password"))
 				.param("remember-me", "true");
 		this.mvc.perform(rememberMeRequest).andExpect(cookie().exists("remember-me"));

config/src/test/kotlin/org/springframework/security/config/annotation/web/CorsDslTests.kt

@@ -31,7 +31,9 @@ import org.springframework.security.config.test.SpringTestContextExtension
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.get
+import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.RequestMethod
+import org.springframework.web.bind.annotation.RestController
 import org.springframework.web.cors.CorsConfiguration
 import org.springframework.web.cors.CorsConfigurationSource
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource
@@ -72,7 +74,7 @@ class CorsDslTests {
 
     @Test
     fun `CORS when CORS configuration source bean then responds with CORS header`() {
-        this.spring.register(CorsCrossOriginBeanConfig::class.java).autowire()
+        this.spring.register(CorsCrossOriginBeanConfig::class.java, HomeController::class.java).autowire()
 
         this.mockMvc.get("/")
         {
@@ -149,7 +151,7 @@ class CorsDslTests {
 
     @Test
     fun `CORS when CORS configuration source dsl then responds with CORS header`() {
-        this.spring.register(CorsCrossOriginBeanConfig::class.java).autowire()
+        this.spring.register(CorsCrossOriginBeanConfig::class.java, HomeController::class.java).autowire()
 
         this.mockMvc.get("/")
         {
@@ -180,4 +182,13 @@ class CorsDslTests {
             return http.build()
         }
     }
+
+    @RestController
+    private class HomeController {
+        @GetMapping("/")
+        fun ok(): String {
+            return "ok"
+        }
+    }
+
 }