Fix RoleHirerarchy usage in Example 17 - Authorization module
vrudas opened this issue · 0 comments
After migration to Spring Boot 3.0.+ and provided Spring Security 6 the code behavior in the Example 17 - Authorization module is not worked in the same way as it was in Spring Security 5. This happened because of the broken support of the RoleHierarchy feature by an AuthorityAuthorizationManager.
The problem was found by a community and corresponding issues were logged:
- spring-projects/spring-security#12231
- spring-projects/spring-security#12473
- spring-projects/spring-security#12505
and some of them are fixed and will be released as a part of the Spring Security 6.1.+ version.
So work of code in this module should be fixed after updating to the latest version of Spring Security that will contain the fix.
During implementation pay attention that all tests from https://github.com/vrudas/spring-framework-examples/blob/main/example-17-authorization/src/test/java/io/sfe/authorization/AccessCheckControllerTest.java are executed successfully 🧪