From 053c890a6957ee44efe5eb3491be4fda0aabc628 Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Sat, 14 Dec 2013 13:00:48 -0600 Subject: [PATCH] SEC-2450: WebSecurityConfigurerAdapter have default Order of 100 --- .../WebSecurityConfigurerAdapter.java | 2 ++ .../WebSecurityConfigurerAdapterTests.groovy | 17 +++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java index ae0c4bc397..330f235979 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java @@ -24,6 +24,7 @@ import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.NoSuchBeanDefinitionException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; +import org.springframework.core.annotation.Order; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolverImpl; @@ -53,6 +54,7 @@ import org.springframework.web.accept.HeaderContentNegotiationStrategy; * * @author Rob Winch */ +@Order(100) public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigurer { private final Log logger = LogFactory.getLog(WebSecurityConfigurerAdapter.class); diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy index fbe509d5b8..bd0aa127e2 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy @@ -27,6 +27,9 @@ import org.springframework.context.ApplicationContext import org.springframework.context.ApplicationListener import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration +import org.springframework.core.Ordered +import org.springframework.core.annotation.AnnotationAwareOrderComparator +import org.springframework.core.annotation.Order import org.springframework.security.authentication.AuthenticationManager import org.springframework.security.authentication.AuthenticationProvider import org.springframework.security.authentication.AuthenticationTrustResolver @@ -283,4 +286,18 @@ class WebSecurityConfigurerAdapterTests extends BaseSpringSpec { return TR } } + + def "WebSecurityConfigurerAdapter has Ordered between 0 and lowest priority"() { + when: + def lowestConfig = new LowestPriorityWebSecurityConfig() + def defaultConfig = new DefaultOrderWebSecurityConfig() + def compare = new AnnotationAwareOrderComparator() + then: "the default ordering is between 0 and lowest priority (Boot adapters)" + compare.compare(lowestConfig, defaultConfig) > 0 + } + + class DefaultOrderWebSecurityConfig extends WebSecurityConfigurerAdapter {} + + @Order(Ordered.LOWEST_PRECEDENCE) + class LowestPriorityWebSecurityConfig extends WebSecurityConfigurerAdapter {} }