Polish SecurityContextHolderStrategy XML Configuration for Defaults

jzheaux · jzheaux · commit c29b91cec750 · 2022-06-27T13:17:43.000-06:00
Issue gh-11061
diff --git a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java
@@ -215,7 +215,7 @@ final class AuthenticationConfigBuilder {
 
 	AuthenticationConfigBuilder(Element element, boolean forceAutoConfig, ParserContext pc,
 			SessionCreationPolicy sessionPolicy, BeanReference requestCache, BeanReference authenticationManager,
-			BeanReference authenticationFilterSecurityContextHolderStrategyRef,
+			BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef,
 			BeanReference authenticationFilterSecurityContextRepositoryRef, BeanReference sessionStrategy,
 			BeanReference portMapper, BeanReference portResolver, BeanMetadataElement csrfLogoutHandler) {
 		this.httpElt = element;
@@ -272,7 +272,7 @@ private void createRememberMeProvider(String key) {
 	}
 
 	void createFormLoginFilter(BeanReference sessionStrategy, BeanReference authManager,
-			BeanReference authenticationFilterSecurityContextHolderStrategyRef,
+			BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef,
 			BeanReference authenticationFilterSecurityContextRepositoryRef) {
 		Element formLoginElt = DomUtils.getChildElementByTagName(this.httpElt, Elements.FORM_LOGIN);
 		RootBeanDefinition formFilter = null;
@@ -442,7 +442,7 @@ private void injectRememberMeServicesRef(RootBeanDefinition bean, String remembe
 	}
 
 	void createBasicFilter(BeanReference authManager,
-			BeanReference authenticationFilterSecurityContextHolderStrategyRef) {
+			BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef) {
 		Element basicAuthElt = DomUtils.getChildElementByTagName(this.httpElt, Elements.BASIC_AUTH);
 		if (basicAuthElt == null && !this.autoConfig) {
 			// No basic auth, do nothing
@@ -612,7 +612,7 @@ void createLoginPageFilterIfNeeded() {
 		}
 	}
 
-	void createLogoutFilter(BeanReference authenticationFilterSecurityContextHolderStrategyRef) {
+	void createLogoutFilter(BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef) {
 		Element logoutElt = DomUtils.getChildElementByTagName(this.httpElt, Elements.LOGOUT);
 		if (logoutElt != null || this.autoConfig) {
 			String formLoginPage = this.formLoginPage;
@@ -677,7 +677,7 @@ List<BeanDefinition> getCsrfIgnoreRequestMatchers() {
 		return this.csrfIgnoreRequestMatchers;
 	}
 
-	void createAnonymousFilter(BeanReference authenticationFilterSecurityContextHolderStrategyRef) {
+	void createAnonymousFilter(BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef) {
 		Element anonymousElt = DomUtils.getChildElementByTagName(this.httpElt, Elements.ANONYMOUS);
 		if (anonymousElt != null && "false".equals(anonymousElt.getAttribute("enabled"))) {
 			return;
@@ -723,7 +723,7 @@ private String createKey() {
 		return Long.toString(random.nextLong());
 	}
 
-	void createExceptionTranslationFilter(BeanReference authenticationFilterSecurityContextHolderStrategyRef) {
+	void createExceptionTranslationFilter(BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef) {
 		BeanDefinitionBuilder etfBuilder = BeanDefinitionBuilder.rootBeanDefinition(ExceptionTranslationFilter.class);
 		this.accessDeniedHandler = createAccessDeniedHandler(this.httpElt, this.pc);
 		etfBuilder.addPropertyValue("accessDeniedHandler", this.accessDeniedHandler);
diff --git a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -160,7 +160,7 @@ class HttpConfigurationBuilder {
 
 	private BeanDefinition forceEagerSessionCreationFilter;
 
-	private BeanReference holderStrategyRef;
+	private BeanMetadataElement holderStrategyRef;
 
 	private BeanReference contextRepoRef;
 
@@ -301,7 +301,7 @@ static String createPath(String path, boolean lowerCase) {
 		return lowerCase ? path.toLowerCase() : path;
 	}
 
-	BeanReference getSecurityContextHolderStrategyForAuthenticationFilters() {
+	BeanMetadataElement getSecurityContextHolderStrategyForAuthenticationFilters() {
 		return this.holderStrategyRef;
 	}
 
@@ -350,13 +350,12 @@ private void createSecurityContextPersistenceFilter() {
 
 	private void createSecurityContextHolderStrategy() {
 		String holderStrategyRef = this.httpElt.getAttribute(ATT_SECURITY_CONTEXT_HOLDER_STRATEGY);
-		if (!StringUtils.hasText(holderStrategyRef)) {
-			BeanDefinition holderStrategyBean = BeanDefinitionBuilder
-					.rootBeanDefinition(SecurityContextHolderStrategyFactory.class).getBeanDefinition();
-			holderStrategyRef = this.pc.getReaderContext().generateBeanName(holderStrategyBean);
-			this.pc.registerBeanComponent(new BeanComponentDefinition(holderStrategyBean, holderStrategyRef));
+		if (StringUtils.hasText(holderStrategyRef)) {
+			this.holderStrategyRef = new RuntimeBeanReference(holderStrategyRef);
+			return;
 		}
-		this.holderStrategyRef = new RuntimeBeanReference(holderStrategyRef);
+		this.holderStrategyRef = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextHolderStrategyFactory.class)
+				.getBeanDefinition();
 	}
 
 	private void createSecurityContextRepository() {
diff --git a/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java b/config/src/main/java/org/springframework/security/config/http/LogoutBeanDefinitionParser.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,7 +20,6 @@
 
 import org.springframework.beans.BeanMetadataElement;
 import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.beans.factory.config.BeanReference;
 import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.support.ManagedList;
@@ -62,10 +61,10 @@ class LogoutBeanDefinitionParser implements BeanDefinitionParser {
 
 	private BeanMetadataElement logoutSuccessHandler;
 
-	private BeanReference authenticationFilterSecurityContextHolderStrategyRef;
+	private BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef;
 
 	LogoutBeanDefinitionParser(String loginPageUrl, String rememberMeServices, BeanMetadataElement csrfLogoutHandler,
-			BeanReference authenticationFilterSecurityContextHolderStrategyRef) {
+			BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef) {
 		this.defaultLogoutUrl = loginPageUrl + "?logout";
 		this.rememberMeServices = rememberMeServices;
 		this.csrfEnabled = csrfLogoutHandler != null;
