spring-projects/spring-security

Remove @Configuration meta-annotation from @Enable annotations

Closed this issue · 8 comments

Currently, all Spring Security's @Enable annotations are meta-annotated with @Configuration. While convenient, this is not consistent with the rest of the Spring projects and most notably Spring Framework's @Enable annotations.

Additionally, the introduction of support for @Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow users to opt into their preferred configuration mode.

Note that we will want to update the documentation examples to include @Configuration in places where it's currently missing.
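What the explicit opt-in looks like once `@EnableWebSecurity` no longer carries `@Configuration`, as an added example (not code from this issue or from the Spring Security project). The class name `SecurityConfig`, the in-memory user and the sample password are assumptions made for illustration.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

// @Configuration is declared explicitly instead of being inherited from @EnableWebSecurity.
// proxyBeanMethods = false opts out of CGLIB proxying of this class, so @Bean methods
// must not call each other; collaborators arrive as method parameters instead.
@Configuration(proxyBeanMethods = false)
@EnableWebSecurity
public class SecurityConfig { // hypothetical class name

	@Bean
	SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
		http
			.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
			.formLogin(Customizer.withDefaults());
		return http.build();
	}

	@Bean
	PasswordEncoder passwordEncoder() {
		return PasswordEncoderFactories.createDelegatingPasswordEncoder();
	}

	// The encoder is injected as a parameter rather than obtained by calling
	// passwordEncoder(), which without the proxy would create a second, unmanaged instance.
	@Bean
	UserDetailsService userDetailsService(PasswordEncoder encoder) {
		return new InMemoryUserDetailsManager(
			User.withUsername("user") // constructed sample user
				.password(encoder.encode("constructed-sample-password"))
				.roles("USER")
				.build());
	}
}
```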

@sjohnr I would like to help on this, as I was anyhow looking into the documentation part.

It's yours @jsattler! Keep in mind we'll want to update the reference documentation, javadoc and samples. I'll open a ticket to update the samples, and if you don't feel you can tackle that part just let me know.

@sjohnr I will take care of the reference documentation, javadoc and samples. The actual removal of the @Configuration from the @Enable* annotations will be tackled in a separate PR, as this seems to be a breaking change, correct? If it is tackled in a separate PR should I anyhow already update the tests using only @Enable*?

@jsattler yes, please do update tests if necessary! I think it can be done under this issue, but if you would like a separate issue let me know. And yes, this is a breaking change so I believe it will only be done in 6.0 (main). @rwinch can correct me if I'm wrong.

Quite some files changed, hope that's okay for a single PR. If you have any suggestions to split this up, please let me know.

A note for self. I used the following to check for missing @Configuration:

import re
import sys


# Matches annotations such as @EnableWebSecurity or @EnableGlobalAuthentication.
enable_regex = r".*@Enable[a-zA-Z]+(Security|Authentication).*"
config_regex = r".*@Configuration.*"
A = 2  # number of lines to check after the @Enable* line
B = 2  # number of lines to check before the @Enable* line

file_name = sys.argv[1]
try:
	with open(file_name, 'r') as file:
		lines = file.readlines()
except Exception as err:
	print("Could not open file:", file_name, repr(err))
	sys.exit(1)


def find_regex_in_range(lines, regex, line_numbers):
	# Return True if any of the given 1-based line numbers matches the regex.
	for index in line_numbers:
		peek_line = lines[index - 1]
		if re.match(regex, peek_line):
			return True
	return False

def print_range(lines, line_numbers):
	# Print the given 1-based line numbers together with their content.
	for index in line_numbers:
		peek_line = lines[index - 1]
		print(f"{index} {peek_line}", end="")

line_count = 0

for line in lines:
	line_count += 1
	if re.match(enable_regex, line):
		# Clamp both windows to the file so an index never wraps around
		# to the end of the file or runs past the last line.
		before_range = range(max(1, line_count - B), line_count)
		after_range = range(line_count + 1, min(len(lines), line_count + A) + 1)
		if find_regex_in_range(lines, config_regex, before_range) or find_regex_in_range(lines, config_regex, after_range):
			continue
		print(f"{file_name}")
		print("---")
		print_range(lines, before_range)
		print(f"{line_count} {line}", end="")
		print_range(lines, after_range)
		print("---")

Then run

 rg . -l | xargs -I{} python find-enable.py {}

Closing in favor of gh-11653