Keep the default RequestCache querying behavior in Spring Security 5

org.openrewrite.java.spring.security6.UpdateRequestCache

By default, Spring Security 5 queries the saved request on every request, which means that in a typical setup, the HttpSession is queried on every request to use the RequestCache. In Spring Security 6, the default behavior has changed, and RequestCache will only be queried for a cached request if the HTTP parameter "continue" is defined. To maintain the same default behavior as Spring Security 5, either explicitly add the HTTP parameter "continue" to every request or use NullRequestCache to override the default behavior.

Recipe source

GitHub, Issue Tracker, Maven Central

groupId: org.openrewrite.recipe
artifactId: rewrite-spring
version: 5.8.0

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-spring:5.8.0 in your build file or by running a shell command (in which case no build changes are needed):

Add the following to your build.gradle file:

build.gradle

plugins {
    id("org.openrewrite.rewrite") version("6.12.0")
}

rewrite {
    activeRecipe("org.openrewrite.java.spring.security6.UpdateRequestCache")
}

repositories {
    mavenCentral()
}

dependencies {
    rewrite("org.openrewrite.recipe:rewrite-spring:5.8.0")
}

Run gradle rewriteRun to run the recipe.

Create a file named init.gradle in the root of your project.

init.gradle

initscript {
    repositories {
        maven { url "https://plugins.gradle.org/m2" }
    }
    dependencies { classpath("org.openrewrite:plugin:6.12.0") }
}
rootProject {
    plugins.apply(org.openrewrite.gradle.RewritePlugin)
    dependencies {
        rewrite("org.openrewrite.recipe:rewrite-spring:5.8.0")
    }
    rewrite {
        activeRecipe("org.openrewrite.java.spring.security6.UpdateRequestCache")
    }
    afterEvaluate {
        if (repositories.isEmpty()) {
            repositories {
                mavenCentral()
            }
        }
    }
}

Run gradle --init-script init.gradle rewriteRun to run the recipe.

Add the following to your pom.xml file:

pom.xml

<project>
  <build>
    <plugins>
      <plugin>
        <groupId>org.openrewrite.maven</groupId>
        <artifactId>rewrite-maven-plugin</artifactId>
        <version>5.29.0</version>
        <configuration>
          <activeRecipes>
            <recipe>org.openrewrite.java.spring.security6.UpdateRequestCache</recipe>
          </activeRecipes>
        </configuration>
        <dependencies>
          <dependency>
            <groupId>org.openrewrite.recipe</groupId>
            <artifactId>rewrite-spring</artifactId>
            <version>5.8.0</version>
          </dependency>
        </dependencies>
      </plugin>
    </plugins>
  </build>
</project>

Run mvn rewrite:run to run the recipe.

shell

mvn -U org.openrewrite.maven:rewrite-maven-plugin:run -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-spring:RELEASE -Drewrite.activeRecipes=org.openrewrite.java.spring.security6.UpdateRequestCache

You will need to have configured the Moderne CLI on your machine before you can run the following command.

shell

mod run . --recipe UpdateRequestCache

See how this recipe works across multiple open-source repositories

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

Contributors

Kun Li, Knut Wannheden, Tim te Beek

PreviousConvert HttpSecurity::apply chained calls into HttpSecurity::with Lambda DSL NextMigrate to Spring Security 6.0

Last updated 17 hours ago