diff --git a/core/src/main/java/org/springframework/security/aot/hint/AuthorizeReturnObjectHintsRegistrar.java b/core/src/main/java/org/springframework/security/aot/hint/AuthorizeReturnObjectHintsRegistrar.java index 0c430160b72..fb1bf284838 100644 --- a/core/src/main/java/org/springframework/security/aot/hint/AuthorizeReturnObjectHintsRegistrar.java +++ b/core/src/main/java/org/springframework/security/aot/hint/AuthorizeReturnObjectHintsRegistrar.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -122,7 +122,7 @@ private void registerProxy(RuntimeHints hints, Class clazz) { .registerType(clazz, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS) .registerType(proxied, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, - MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.DECLARED_FIELDS); + MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.ACCESS_DECLARED_FIELDS); } } diff --git a/core/src/main/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHints.java b/core/src/main/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHints.java index 833b6d114a8..2ac11b0f87e 100644 --- a/core/src/main/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHints.java +++ b/core/src/main/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHints.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -79,7 +79,7 @@ private void registerExpressionEvaluationHints(RuntimeHints hints) { .registerTypes( List.of(TypeReference.of(SecurityExpressionOperations.class), TypeReference.of(SecurityExpressionRoot.class)), - (builder) -> builder.withMembers(MemberCategory.DECLARED_FIELDS, + (builder) -> builder.withMembers(MemberCategory.ACCESS_DECLARED_FIELDS, MemberCategory.INVOKE_DECLARED_METHODS)); } diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java index 5bd8aecdf39..c521af1d914 100644 --- a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java @@ -605,6 +605,7 @@ public void setUserCache(UserCache userCache) { * set this to {@code true} to enable password updates. * @param enableUpdatePassword {@code true} to enable password updates, {@code false} * otherwise. + * @since 7.0 */ public void setEnableUpdatePassword(boolean enableUpdatePassword) { this.enableUpdatePassword = enableUpdatePassword; @@ -626,6 +627,7 @@ private void validateAuthorities(Collection authorit /** * Conditionally updates password based on the setting from * {@link #setEnableUpdatePassword(boolean)}. {@inheritDoc} + * @since 7.0 */ @Override public UserDetails updatePassword(UserDetails user, String newPassword) { diff --git a/core/src/test/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHintsTests.java b/core/src/test/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHintsTests.java index 7c4eb4615e3..f7e0956887a 100644 --- a/core/src/test/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHintsTests.java +++ b/core/src/test/java/org/springframework/security/aot/hint/CoreSecurityRuntimeHintsTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -81,7 +81,7 @@ void springSecurityMessagesBundleHasHints() { void securityExpressionOperationsHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(SecurityExpressionOperations.class) - .withMemberCategories(MemberCategory.DECLARED_FIELDS, MemberCategory.INVOKE_DECLARED_METHODS)) + .withMemberCategories(MemberCategory.ACCESS_DECLARED_FIELDS, MemberCategory.INVOKE_DECLARED_METHODS)) .accepts(this.hints); } @@ -89,7 +89,7 @@ void securityExpressionOperationsHasHints() { void securityExpressionRootHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(SecurityExpressionRoot.class) - .withMemberCategories(MemberCategory.DECLARED_FIELDS, MemberCategory.INVOKE_DECLARED_METHODS)) + .withMemberCategories(MemberCategory.ACCESS_DECLARED_FIELDS, MemberCategory.INVOKE_DECLARED_METHODS)) .accepts(this.hints); } diff --git a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java index 3f7962e6f42..adb03ee9e8e 100644 --- a/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java +++ b/core/src/test/java/org/springframework/security/provisioning/JdbcUserDetailsManagerTests.java @@ -285,10 +285,9 @@ public void findGroupMembersReturnsCorrectData() { } @Test - @SuppressWarnings("unchecked") public void createGroupInsertsCorrectData() { this.manager.createGroup("TEST_GROUP", AuthorityUtils.createAuthorityList("ROLE_X", "ROLE_Y")); - List roles = this.template.queryForList("select ga.authority from groups g, group_authorities ga " + List roles = this.template.queryForList("select ga.authority from groups g, group_authorities ga " + "where ga.group_id = g.id " + "and g.group_name = 'TEST_GROUP'"); assertThat(roles).hasSize(2); } @@ -367,7 +366,7 @@ public void updateUserDoesNotSaveAuthoritiesIfEnableAuthoritiesIsFalse() { // SEC-2166 @Test - public void createNewAuthenticationUsesNullPasswordToKeepPassordsSave() { + public void createNewAuthenticationUsesNullPasswordToKeepPasswordSave() { insertJoe(); UsernamePasswordAuthenticationToken currentAuth = UsernamePasswordAuthenticationToken.authenticated("joe", null, AuthorityUtils.createAuthorityList("ROLE_USER")); @@ -443,9 +442,9 @@ private void insertJoe() { this.cache.putUserInCache(joe); } - private class MockUserCache implements UserCache { + private static class MockUserCache implements UserCache { - private Map cache = new HashMap<>(); + private final Map cache = new HashMap<>(); @Override public UserDetails getUserFromCache(String username) { diff --git a/test/src/main/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHints.java b/test/src/main/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHints.java index 9b098dd8638..bb89f19f3d2 100644 --- a/test/src/main/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHints.java +++ b/test/src/main/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHints.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -58,12 +58,12 @@ private void registerFilterChainProxyHints(RuntimeHints hints) { } private void registerCsrfTokenRepositoryHints(RuntimeHints hints) { - hints.reflection().registerType(CsrfFilter.class, MemberCategory.DECLARED_FIELDS); + hints.reflection().registerType(CsrfFilter.class, MemberCategory.ACCESS_DECLARED_FIELDS); } private void registerSecurityContextRepositoryHints(RuntimeHints hints) { - hints.reflection().registerType(SecurityContextPersistenceFilter.class, MemberCategory.DECLARED_FIELDS); - hints.reflection().registerType(SecurityContextHolderFilter.class, MemberCategory.DECLARED_FIELDS); + hints.reflection().registerType(SecurityContextPersistenceFilter.class, MemberCategory.ACCESS_DECLARED_FIELDS); + hints.reflection().registerType(SecurityContextHolderFilter.class, MemberCategory.ACCESS_DECLARED_FIELDS); } } diff --git a/test/src/test/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHintsTests.java b/test/src/test/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHintsTests.java index 6fb662dca36..672e3ed8f4e 100644 --- a/test/src/test/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHintsTests.java +++ b/test/src/test/java/org/springframework/security/test/aot/hint/WebTestUtilsRuntimeHintsTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -72,21 +72,21 @@ void compositeFilterChainProxyHasHints() { void csrfFilterHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(CsrfFilter.class) - .withMemberCategories(MemberCategory.DECLARED_FIELDS)).accepts(this.hints); + .withMemberCategories(MemberCategory.ACCESS_DECLARED_FIELDS)).accepts(this.hints); } @Test void securityContextPersistenceFilterHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(SecurityContextPersistenceFilter.class) - .withMemberCategories(MemberCategory.DECLARED_FIELDS)).accepts(this.hints); + .withMemberCategories(MemberCategory.ACCESS_DECLARED_FIELDS)).accepts(this.hints); } @Test void securityContextHolderFilterHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(SecurityContextHolderFilter.class) - .withMemberCategories(MemberCategory.DECLARED_FIELDS)).accepts(this.hints); + .withMemberCategories(MemberCategory.ACCESS_DECLARED_FIELDS)).accepts(this.hints); } } diff --git a/web/src/main/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHints.java b/web/src/main/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHints.java index 86df3618f27..347b7edc8a9 100644 --- a/web/src/main/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHints.java +++ b/web/src/main/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHints.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -36,7 +36,7 @@ class WebMvcSecurityRuntimeHints implements RuntimeHintsRegistrar { public void registerHints(RuntimeHints hints, ClassLoader classLoader) { hints.reflection() .registerType(WebSecurityExpressionRoot.class, (builder) -> builder - .withMembers(MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.DECLARED_FIELDS)); + .withMembers(MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.ACCESS_DECLARED_FIELDS)); hints.reflection() .registerType( TypeReference diff --git a/web/src/test/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHintsTests.java b/web/src/test/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHintsTests.java index 180d10db48c..5e0a9fcd4f5 100644 --- a/web/src/test/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHintsTests.java +++ b/web/src/test/java/org/springframework/security/web/aot/hint/WebMvcSecurityRuntimeHintsTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,7 +50,7 @@ void setup() { void webSecurityExpressionRootHasHints() { assertThat(RuntimeHintsPredicates.reflection() .onType(WebSecurityExpressionRoot.class) - .withMemberCategories(MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.DECLARED_FIELDS)) + .withMemberCategories(MemberCategory.INVOKE_DECLARED_METHODS, MemberCategory.ACCESS_DECLARED_FIELDS)) .accepts(this.hints); }