From 35eff94e3d65056346a51054379559f9176a37bd Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Fri, 11 Mar 2016 12:12:55 -0600 Subject: [PATCH] Add Both Config names to duplicate WebSecurityConfigurer order Previously the error message when multiple WebSecurityConfigurer with the same Order did not include both WebSecurityConfigurer classes that were involved in the duplicate Order. This made resolving errors difficult. This commit ensures both WebSecurityConfigurers are include in the error message. Fixes gh-3380 --- .../web/configuration/WebSecurityConfiguration.java | 4 +++- .../web/configuration/WebSecurityConfigurationTests.groovy | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java index 0b385442a46..c277b3af2c4 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java @@ -142,15 +142,17 @@ public void setFilterChainProxySecurityConfigurer( Collections.sort(webSecurityConfigurers, AnnotationAwareOrderComparator.INSTANCE); Integer previousOrder = null; + Object previousConfig = null; for (SecurityConfigurer config : webSecurityConfigurers) { Integer order = AnnotationAwareOrderComparator.lookupOrder(config); if (previousOrder != null && previousOrder.equals(order)) { throw new IllegalStateException( "@Order on WebSecurityConfigurers must be unique. Order of " - + order + " was already used, so it cannot be used on " + + order + " was already used on " + previousConfig + ", so it cannot be used on " + config + " too."); } previousOrder = order; + previousConfig = config; } for (SecurityConfigurer webSecurityConfigurer : webSecurityConfigurers) { webSecurity.apply(webSecurityConfigurer); diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy index 47843f34b21..eee544ca21c 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy @@ -33,6 +33,7 @@ import org.springframework.security.config.annotation.BaseSpringSpec import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.WebSecurity +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurationTests.DuplicateOrderConfig; import org.springframework.security.web.FilterChainProxy import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator @@ -136,6 +137,8 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { then: BeanCreationException e = thrown() e.message.contains "@Order on WebSecurityConfigurers must be unique" + e.message.contains DuplicateOrderConfig.WebConfigurer1.class.name + e.message.contains DuplicateOrderConfig.WebConfigurer2.class.name }