-
Notifications
You must be signed in to change notification settings - Fork 5.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve ObjectPostProcessor collisions between RSocket and WebFlux security configuration #16161
Comments
Thanks for the report, @joaodias14. I'm able to reproduce this issue; we'll get a fix out in the next maintenance release. In the meantime, if you are not using Security's Observability integration, then you can do: @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
@Primary
static ObjectPostProcessor<ReactiveAuthorizationManager<ServerWebExchange>> primaryAuthorizationManagerPostProcessor() {
return ObjectPostProcessor.identity();
}
@Bean
@Role(2)
@Primary
static ObjectPostProcessor<ReactiveAuthenticationManager> primaryAuthenticationManagerPostProcessor() {
return ObjectPostProcessor.identity();
}
@Bean
@Role(2)
@Primary
static ObjectPostProcessor<WebFilterChainProxy.WebFilterChainDecorator> primaryFilterChainDecoratorPostProcessor() {
return ObjectPostProcessor.identity();
} Or, if you are, then you can instead do: @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
@Primary
static ObjectPostProcessor<ReactiveAuthorizationManager<ServerWebExchange>> primaryAuthorizationManagerPostProcessor(
ObjectProvider<ObservationRegistry> registry) {
return new ObjectPostProcessor<>() {
@Override
public ReactiveAuthorizationManager postProcess(ReactiveAuthorizationManager object) {
ObservationRegistry r = registry.getIfUnique(() -> ObservationRegistry.NOOP);
return new ObservationReactiveAuthorizationManager<>(r, object);
}
};
}
@Bean
@Role(2)
@Primary
static ObjectPostProcessor<ReactiveAuthenticationManager> primaryAuthenticationManagerPostProcessor(ObjectProvider<ObservationRegistry> registry) {
return new ObjectPostProcessor<>() {
public ReactiveAuthenticationManager postProcess(ReactiveAuthenticationManager object) {
ObservationRegistry r = registry.getIfUnique(() -> ObservationRegistry.NOOP);
return new ObservationReactiveAuthenticationManager(r, object);
}
};
}
@Bean
@Role(2)
@Primary
static ObjectPostProcessor<WebFilterChainProxy.WebFilterChainDecorator> primaryFilterChainDecoratorPostProcessor(ObjectProvider<ObservationRegistry> registry) {
return new ObjectPostProcessor<>() {
public WebFilterChainProxy.WebFilterChainDecorator postProcess(WebFilterChainProxy.WebFilterChainDecorator object) {
ObservationRegistry r = registry.getIfUnique(() -> ObservationRegistry.NOOP);
return new ObservationWebFilterChainDecorator(r);
}
};
} |
We will add |
Many thanks for the quick workaround @jzheaux ! |
Good question, @ngocnhan-tran1996, please see the commit for details; it disambiguates in the setter to preserve Spring Security's |
While migrating to the new Spring Boot 3.4 version I am facing the following error in a project with RSocket, Spring Security and Spring Webflux:
I was able to reproduce this in a simple project which you can find at https://github.com/joaodias14/Spring-Boot-RSocket. I simply used https://start.spring.io/ with Spring Boot 3.4.0 and RSocket, Spring Reactive Web and Spring Security as dependencies. If I run it with
./mvnw -o spring-boot:run
I get the error above.The text was updated successfully, but these errors were encountered: