Extract createSecurityContextRepository()

Extract out method in preparation for adding SecurityContextHolderFilter configuration. Issue gh-9635
spring-projects · Mar 12, 2022 · f9619ce · f9619ce
1 parent cbba7ea
commit f9619ce
Showing 1 changed file with 19 additions and 12 deletions.
diff --git a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
@@ -202,6 +202,7 @@ class HttpConfigurationBuilder {
 		this.sessionPolicy = !StringUtils.hasText(createSession) ? SessionCreationPolicy.IF_REQUIRED
 				: createPolicy(createSession);
 		createCsrfFilter();
+		createSecurityContextRepository();
 		createSecurityContextPersistenceFilter();
 		createSessionManagementFilters();
 		createWebAsyncManagerFilter();
@@ -280,17 +281,29 @@ static String createPath(String path, boolean lowerCase) {
 
 	private void createSecurityContextPersistenceFilter() {
 		BeanDefinitionBuilder scpf = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextPersistenceFilter.class);
+		String disableUrlRewriting = this.httpElt.getAttribute(ATT_DISABLE_URL_REWRITING);
+		switch (this.sessionPolicy) {
+		case ALWAYS:
+			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
+			break;
+		case NEVER:
+			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
+			break;
+		default:
+			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
+		}
+		scpf.addConstructorArgValue(this.contextRepoRef);
+
+		this.securityContextPersistenceFilter = scpf.getBeanDefinition();
+	}
+
+	private void createSecurityContextRepository() {
 		String repoRef = this.httpElt.getAttribute(ATT_SECURITY_CONTEXT_REPOSITORY);
 		String disableUrlRewriting = this.httpElt.getAttribute(ATT_DISABLE_URL_REWRITING);
 		if (!StringUtils.hasText(disableUrlRewriting)) {
 			disableUrlRewriting = "true";
 		}
-		if (StringUtils.hasText(repoRef)) {
-			if (this.sessionPolicy == SessionCreationPolicy.ALWAYS) {
-				scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
-			}
-		}
-		else {
+		if (!StringUtils.hasText(repoRef)) {
 			BeanDefinitionBuilder contextRepo;
 			if (this.sessionPolicy == SessionCreationPolicy.STATELESS) {
 				contextRepo = BeanDefinitionBuilder.rootBeanDefinition(NullSecurityContextRepository.class);
@@ -300,15 +313,12 @@ private void createSecurityContextPersistenceFilter() {
 				switch (this.sessionPolicy) {
 				case ALWAYS:
 					contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
-					scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
 					break;
 				case NEVER:
 					contextRepo.addPropertyValue("allowSessionCreation", Boolean.FALSE);
-					scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
 					break;
 				default:
 					contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
-					scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
 				}
 				if ("true".equals(disableUrlRewriting)) {
 					contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE);
@@ -320,9 +330,6 @@ private void createSecurityContextPersistenceFilter() {
 		}
 
 		this.contextRepoRef = new RuntimeBeanReference(repoRef);
-		scpf.addConstructorArgValue(this.contextRepoRef);
-
-		this.securityContextPersistenceFilter = scpf.getBeanDefinition();
 	}
 
 	private void createSessionManagementFilters() {