Skip to content

When possible use SmartHttpMessageConverter over GenericHttpMessageConverter #18073

New issue
New issue
Open
#18075
Open
When possible use SmartHttpMessageConverter over GenericHttpMessageConverter#18073
#18075
Labels
status: waiting-for-triageAn issue we've not yet triagedtype: enhancementA general enhancement
@rwinch

Description

@rwinch
rwinch
opened on Oct 17, 2025

Spring Security often uses GenericHttpMessageConverter for JSON support. The new Jackson support was refined to be a SmartHttpMessageConverter, so we should refine our usage to leverage SmartHttpMessageConverter when possible. Here are a few places that are using GenericHttpMessageConverter:

  • config/src/main/java/org/springframework/security/config/web/server/HttpMessageConverters.java
  • oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/http/converter/HttpMessageConverters.java
  • oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/http/converter/HttpMessageConverters.java
  • oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/HttpMessageConverters.java
  • oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/OAuth2ProtectedResourceMetadataFilter.java

Metadata

Metadata

Assignees

No one assigned

    Labels

    status: waiting-for-triageAn issue we've not yet triagedtype: enhancementA general enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions