Skip to content

GH-3897: Deprecate ChannelSecurityInterceptor #3915

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 17, 2022
Merged

GH-3897: Deprecate ChannelSecurityInterceptor #3915

merged 4 commits into from
Oct 17, 2022

Conversation

artembilan
Copy link
Member

Fixes #3897

Spring Security has deprecated AccessDecisionManager and all its infrastructure in favor of AuthorizationManager

  • Deprecate and AOP ChannelSecurityInterceptor and all its infrastructure, including @SecuredChannel and respective XML configuration. The AuthorizationChannelInterceptor added to respective channels for security or configured as a global channel interceptor fully covers the previous AOP configuration
  • Fix deprecation warnings in other tests with security

@artembilan artembilan mentioned this pull request Oct 14, 2022
Open
garyrussell
garyrussell suggested changes Oct 17, 2022
View reviewed changes
Copy link
Contributor

@garyrussell garyrussell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just doc polishing.

@garyrussell
Copy link
Contributor

Needs rebase/conflicts.

@artembilan
Copy link
Member Author

Looks like there are more deprecation warnings.

Do not merge yet.

artembilan and others added 3 commits October 17, 2022 16:19
@artembilan
spring-projectsGH-3897: Deprecate ChannelSecurityInterceptor
4078623 
Fixes spring-projects#3897

Spring Security has deprecated `AccessDecisionManager` and all its infrastructure
in favor of `AuthorizationManager`

* Deprecate and AOP `ChannelSecurityInterceptor` and all its infrastructure,
including `@SecuredChannel` and respective XML configuration.
The `AuthorizationChannelInterceptor` added to respective channels for security
or configured as a global channel interceptor fully covers the previous AOP configuration
* Fix deprecation warnings in other tests with security
@artembilan @garyrussell
Fix language in docs
419e288 
Co-authored-by: Gary Russell <[email protected]>
@artembilan
* Remove forRemoval attr from @Deprecated markers for Security cl…
6c5e723 
…asses:

looks like to mark `@Deprecated` and even `@SuppressWarnings("deprecation")`
don't silence warnings on compilation
@garyrussell
Copy link
Contributor

221 tests completed, 78 failed, 1 skipped

@artembilan
Copy link
Member Author

@garyrussell ,

Looks like that one was an interim failure.
It is good now.
I guess the problem was related to the release process we have these days.

@garyrussell
Copy link
Contributor

Conflict in build.grade.

@garyrussell garyrussell merged commit 64f0e73 into spring-projects:main Oct 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@garyrussell garyrussell Awaiting requested review from garyrussell

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Revise Spring Integration security in favor of Spring Security Messaging
2 participants
@artembilan @garyrussell