Set SwitchUserGrantedAuthorityMixIn in WebJackson2Module

JohnNiang · JohnNiang · commit 351a808ff283 · 2025-05-07T10:56:50.000+08:00
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebJackson2Module.java
@@ -21,14 +21,16 @@
 
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
+import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
 import org.springframework.security.web.csrf.DefaultCsrfToken;
 
 /**
  * Jackson module for spring-security-web. This module register
- * {@link DefaultCsrfTokenMixin} and {@link PreAuthenticatedAuthenticationTokenMixin}. If
- * no default typing enabled by default then it'll enable it because typing info is needed
- * to properly serialize/deserialize objects. In order to use this module just add this
- * module into your ObjectMapper configuration.
+ * {@link DefaultCsrfTokenMixin}, {@link PreAuthenticatedAuthenticationTokenMixin} and
+ * {@link SwitchUserGrantedAuthorityMixIn}. If no default typing enabled by default then
+ * it'll enable it because typing info is needed to properly serialize/deserialize
+ * objects. In order to use this module just add this module into your ObjectMapper
+ * configuration.
  *
  * <pre>
  *     ObjectMapper mapper = new ObjectMapper();
@@ -53,6 +55,7 @@ public void setupModule(SetupContext context) {
 		context.setMixInAnnotations(DefaultCsrfToken.class, DefaultCsrfTokenMixin.class);
 		context.setMixInAnnotations(PreAuthenticatedAuthenticationToken.class,
 				PreAuthenticatedAuthenticationTokenMixin.class);
+		context.setMixInAnnotations(SwitchUserGrantedAuthority.class, SwitchUserGrantedAuthorityMixIn.class);
 	}
 
 }
diff --git a/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java b/web/src/main/java/org/springframework/security/web/jackson2/WebServletJackson2Module.java
@@ -22,17 +22,16 @@
 
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
-import org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority;
 import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 import org.springframework.security.web.savedrequest.SavedCookie;
 
 /**
  * Jackson module for spring-security-web related to servlet. This module registers
- * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin},
- * {@link WebAuthenticationDetailsMixin}, and {@link SwitchUserGrantedAuthorityMixIn}. If
- * no default typing is enabled by default then it will be enabled, because typing info is
- * needed to properly serialize/deserialize objects. In order to use this module just add
- * this module into your ObjectMapper configuration.
+ * {@link CookieMixin}, {@link SavedCookieMixin}, {@link DefaultSavedRequestMixin}, and
+ * {@link WebAuthenticationDetailsMixin}. If no default typing is enabled by default then
+ * it will be enabled, because typing info is needed to properly serialize/deserialize
+ * objects. In order to use this module just add this module into your ObjectMapper
+ * configuration.
  *
  * <pre>
  *     ObjectMapper mapper = new ObjectMapper();
@@ -58,7 +57,6 @@ public void setupModule(SetupContext context) {
 		context.setMixInAnnotations(SavedCookie.class, SavedCookieMixin.class);
 		context.setMixInAnnotations(DefaultSavedRequest.class, DefaultSavedRequestMixin.class);
 		context.setMixInAnnotations(WebAuthenticationDetails.class, WebAuthenticationDetailsMixin.class);
-		context.setMixInAnnotations(SwitchUserGrantedAuthority.class, SwitchUserGrantedAuthorityMixIn.class);
 	}
 
 }
