Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move Pre/PostAuthorize annotations to org.springframework.security.authorization.method package #14844

Closed
marcusdacoregio opened this issue Apr 4, 2024 · 1 comment
Closed

Move Pre/PostAuthorize annotations to org.springframework.security.authorization.method package #14844

marcusdacoregio opened this issue Apr 4, 2024 · 1 comment
Assignees
@marcusdacoregio
Labels
in: core An issue in spring-security-core type: enhancement A general enhancement

Comments

@marcusdacoregio
Copy link
Contributor

marcusdacoregio commented Apr 4, 2024
edited
Loading

When #14712 was merged, a package tangle was introduced from the org.springframework.security.access package to the org.springframework.security.authorization package. More specifically org.springframework.security.access.prepost.PreAuthorize (and PostAuthorize) are using org.springframework.security.authorization.method.MethodAuthorizationDeniedHandler and org.springframework.security.authorization.method.MethodAuthorizationDeniedPostProcessor.

To do this, we can deprecate the Pre/PostAuthorize from the access package and then create new annotations on the authorization.method package. The old annotations can use the new ones as meta-annotations.
@marcusdacoregio marcusdacoregio added in: core An issue in spring-security-core type: enhancement A general enhancement labels Apr 4, 2024
@marcusdacoregio marcusdacoregio self-assigned this Apr 4, 2024
@marcusdacoregio
Copy link
Contributor Author

We won't do this for now, the annotations have been there for a long time and we must have a good plan about the deprecation. The package tangle has been solved via 8d914ef by adding using new annotation inside authorization.method package instead of annotation attributes in Pre/PostAuthorize

@marcusdacoregio marcusdacoregio closed this as not planned Won't fix, can't repro, duplicate, stale Apr 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcusdacoregio marcusdacoregio

Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
Spring Security Team
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@marcusdacoregio