JAVA-29170: Changes made for Upgrade spring-rest-http to Spring Boot 3 (#16000)

* JAVA-29170: Changes made for Upgrade spring-rest-http to Spring Boot 3 * JAVA-29316: Changes made for Upgrade spring-rest-http to Spring Boot 3 * JAVA-29316: Changes made for Upgrade spring-rest-http to Spring Boot 3
2024-03-08 02:44:09 +05:30 · 2024-03-08 02:44:09 +05:30 · 31cbe87a55
parent 59d5922f48
commit 31cbe87a55
8 changed files with 52 additions and 80 deletions
--- a/spring-security-modules/spring-security-web-rest/pom.xml
+++ b/spring-security-modules/spring-security-web-rest/pom.xml
@ -10,9 +10,9 @@

    <parent>
        <groupId>com.baeldung</groupId>
-        <artifactId>parent-spring-5</artifactId>
+        <artifactId>parent-boot-3</artifactId>
        <version>0.0.1-SNAPSHOT</version>
-        <relativePath>../../parent-spring-5</relativePath>
+        <relativePath>../../parent-boot-3</relativePath>
    </parent>

    <dependencies>
@ -144,6 +144,12 @@
            <artifactId>commons-fileupload</artifactId>
            <version>${commons-fileupload.version}</version>
        </dependency>
+        <dependency>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <version>${jakarta.servlet.version}</version>
+            <scope>provided</scope>
+        </dependency>
    </dependencies>

    <build>
@ -155,6 +161,13 @@
            </resource>
        </resources>
        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip>
+                </configuration>
+            </plugin>
            <plugin>
                <groupId>org.codehaus.cargo</groupId>
                <artifactId>cargo-maven2-plugin</artifactId>
@ -237,6 +250,9 @@
        <rest-assured.version>2.9.0</rest-assured.version>
        <!-- Maven plugins -->
        <cargo-maven2-plugin.version>1.6.1</cargo-maven2-plugin.version>
+        <spring.version>6.0.13</spring.version>
+        <spring-security.version>6.1.5</spring-security.version>
+        <jakarta.servlet.version>6.0.0</jakarta.servlet.version>
    </properties>

 </project>
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/errorhandling/CustomRestExceptionHandler.java
@ -9,8 +9,8 @@ import javax.validation.ConstraintViolationException;
 import org.springframework.beans.TypeMismatchException;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpStatusCode;
 import org.springframework.http.ResponseEntity;
-import org.springframework.validation.BindException;
 import org.springframework.validation.FieldError;
 import org.springframework.validation.ObjectError;
 import org.springframework.web.HttpMediaTypeNotSupportedException;
@ -31,7 +31,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    // 400

    @Override
-    protected ResponseEntity<Object> handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final List<String> errors = new ArrayList<String>();
@ -46,22 +46,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    }

    @Override
-    protected ResponseEntity<Object> handleBindException(final BindException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
-        logger.info(ex.getClass().getName());
-        //
-        final List<String> errors = new ArrayList<String>();
-        for (final FieldError error : ex.getBindingResult().getFieldErrors()) {
-            errors.add(error.getField() + ": " + error.getDefaultMessage());
-        }
-        for (final ObjectError error : ex.getBindingResult().getGlobalErrors()) {
-            errors.add(error.getObjectName() + ": " + error.getDefaultMessage());
-        }
-        final ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, ex.getLocalizedMessage(), errors);
-        return handleExceptionInternal(ex, apiError, headers, apiError.getStatus(), request);
-    }
-
-    @Override
-    protected ResponseEntity<Object> handleTypeMismatch(final TypeMismatchException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleTypeMismatch(TypeMismatchException ex, HttpHeaders headers, HttpStatusCode status, WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final String error = ex.getValue() + " value for " + ex.getPropertyName() + " should be of type " + ex.getRequiredType();
@ -71,7 +56,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    }

    @Override
-    protected ResponseEntity<Object> handleMissingServletRequestPart(final MissingServletRequestPartException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleMissingServletRequestPart(final MissingServletRequestPartException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final String error = ex.getRequestPartName() + " part is missing";
@ -80,7 +65,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    }

    @Override
-    protected ResponseEntity<Object> handleMissingServletRequestParameter(final MissingServletRequestParameterException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleMissingServletRequestParameter(final MissingServletRequestParameterException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final String error = ex.getParameterName() + " parameter is missing";
@ -116,7 +101,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    // 404

    @Override
-    protected ResponseEntity<Object> handleNoHandlerFoundException(final NoHandlerFoundException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleNoHandlerFoundException(final NoHandlerFoundException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final String error = "No handler found for " + ex.getHttpMethod() + " " + ex.getRequestURL();
@ -128,7 +113,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    // 405

    @Override
-    protected ResponseEntity<Object> handleHttpRequestMethodNotSupported(final HttpRequestMethodNotSupportedException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleHttpRequestMethodNotSupported(final HttpRequestMethodNotSupportedException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final StringBuilder builder = new StringBuilder();
@ -143,7 +128,7 @@ public class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    // 415

    @Override
-    protected ResponseEntity<Object> handleHttpMediaTypeNotSupported(final HttpMediaTypeNotSupportedException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
+    protected ResponseEntity<Object> handleHttpMediaTypeNotSupported(final HttpMediaTypeNotSupportedException ex, final HttpHeaders headers, final HttpStatusCode status, final WebRequest request) {
        logger.info(ex.getClass().getName());
        //
        final StringBuilder builder = new StringBuilder();
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/SecurityJavaConfig.java
@ -1,11 +1,13 @@
 package com.baeldung.security;

+import static org.springframework.security.config.Customizer.withDefaults;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.core.userdetails.User;
@ -23,7 +25,7 @@ import com.baeldung.web.error.CustomAccessDeniedHandler;

@Configuration
@EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
+@EnableMethodSecurity(prePostEnabled = true)
@ComponentScan("com.baeldung.security")
 public class SecurityJavaConfig {

@ -53,36 +55,17 @@ public class SecurityJavaConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.csrf()
-            .disable()
-            .authorizeRequests()
-            .and()
-            .exceptionHandling()
-            .accessDeniedHandler(accessDeniedHandler)
-            .authenticationEntryPoint(restAuthenticationEntryPoint)
-            .and()
-            .authorizeRequests()
-            .antMatchers("/api/csrfAttacker*")
-            .permitAll()
-            .antMatchers("/api/customer/**")
-            .permitAll()
-            .antMatchers("/api/foos/**")
-            .authenticated()
-            .antMatchers("/api/async/**")
-            .permitAll()
-            .antMatchers("/api/admin/**")
-            .hasRole("ADMIN")
-            .and()
-            .formLogin()
-            .successHandler(mySuccessHandler)
-            .failureHandler(myFailureHandler)
-            .and()
-            .httpBasic()
-            .and()
-            .logout();
+        http.authorizeHttpRequests (authorizeRequests -> authorizeRequests.requestMatchers("/api/csrfAttacker*").permitAll()
+            .requestMatchers("/api/customer/**").permitAll()
+            .requestMatchers("/api/foos/**").authenticated()
+            .requestMatchers("/api/async/**").permitAll()
+            .requestMatchers("/api/admin/**").hasRole("ADMIN"))
+            .formLogin(formLogin -> formLogin.successHandler(mySuccessHandler).failureHandler(myFailureHandler))
+            .httpBasic(withDefaults())
+            .logout(logout -> logout.permitAll());
        return http.build();
    }
-    
+
    @Bean
    public PasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/MySavedRequestAwareAuthenticationSuccessHandler.java
@ -2,10 +2,6 @@ package com.baeldung.security.web;

 import java.io.IOException;

-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
@ -14,6 +10,10 @@ import org.springframework.security.web.savedrequest.SavedRequest;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;

+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
@Component
 public class MySavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {

--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/security/web/RestAuthenticationEntryPoint.java
@ -2,13 +2,13 @@ package com.baeldung.security.web;

 import java.io.IOException;

-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;

+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
 /**
 * The Entry Point will not redirect to any sort of Login - it will return the 401
 */
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/CustomAccessDeniedHandler.java
@ -2,14 +2,15 @@ package com.baeldung.web.error;

 import java.io.IOException;

-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;

 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.stereotype.Component;

+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
@Component
 public class CustomAccessDeniedHandler implements AccessDeniedHandler {

--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/web/error/RestResponseEntityExceptionHandler.java
@ -32,19 +32,6 @@ public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionH
        return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request);
    }

-    @Override
-    protected ResponseEntity<Object> handleHttpMessageNotReadable(final HttpMessageNotReadableException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
-        final String bodyOfResponse = "This should be application specific";
-        // ex.getCause() instanceof JsonMappingException, JsonParseException // for additional information later on
-        return handleExceptionInternal(ex, bodyOfResponse, headers, HttpStatus.BAD_REQUEST, request);
-    }
-
-    @Override
-    protected ResponseEntity<Object> handleMethodArgumentNotValid(final MethodArgumentNotValidException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
-        final String bodyOfResponse = "This should be application specific";
-        return handleExceptionInternal(ex, bodyOfResponse, headers, HttpStatus.BAD_REQUEST, request);
-    }
-
    // 403
    @ExceptionHandler({ AccessDeniedException.class })
    public ResponseEntity<Object> handleAccessDeniedException(final Exception ex, final WebRequest request) {
--- a/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java
+++ b/spring-security-modules/spring-security-web-rest/src/test/java/com/baeldung/web/TestConfig.java
@ -4,7 +4,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.multipart.MultipartResolver;
-import org.springframework.web.multipart.commons.CommonsMultipartResolver;
+import org.springframework.web.multipart.support.StandardServletMultipartResolver;

@Configuration
@ComponentScan({ "com.baeldung.web" })
@ -12,7 +12,7 @@ public class TestConfig {

    @Bean
    public MultipartResolver multipartResolver() {
-        CommonsMultipartResolver multipartResolver = new CommonsMultipartResolver();
+        StandardServletMultipartResolver multipartResolver = new StandardServletMultipartResolver();
        return multipartResolver;
    }