Use Kotlin DSL Marker Annotations to prevent scope leaking in WebFlux DSL #8366

@eleftherias

Summary

The Kotlin DSL is designed with a specific hierarchy in mind.
However, the hierarchy is not enforced.

The following configuration should not compile, but currently it does.

@EnableWebFluxSecurity
class SecurityConfig {

    @Bean
    fun springSecurityFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
        return http {
            authorizeExchange {
                // Nested call resolves against the outer receiver; this is the scope leak
                authorizeExchange { }
            }
        }
    }
}

Kotlin allows the creation of DSL markers, to control the scope in which a function is available.

We can use a DSL marker to annotate all classes that belong to the server HTTP security DSL and prevent scope leaking.

For this we will need a new DSL marker, similar to @SecurityMarker.
A possible name for the new marker is @ServerSecurityMarker.

See fde3ccb for the changes that introduced the @SecurityMarker.
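
The mechanism described in this issue, shown as an added example that is not Spring Security's code: `HttpDsl`, `AuthorizeExchangeDsl`, `authorize` and the top-level `http` function are hypothetical stand-ins for the real DSL classes, and only the marker name `@ServerSecurityMarker` comes from the issue.

```kotlin
// Added illustration: a hypothetical miniature DSL, not Spring Security's classes.

@DslMarker
annotation class ServerSecurityMarker      // marker name proposed in this issue

@ServerSecurityMarker
class HttpDsl {                            // stand-in for the top-level http { } receiver
    val rules = mutableListOf<String>()

    fun authorizeExchange(block: AuthorizeExchangeDsl.() -> Unit) {
        rules += AuthorizeExchangeDsl().apply(block).rules
    }
}

@ServerSecurityMarker
class AuthorizeExchangeDsl {               // stand-in for the nested authorizeExchange { } receiver
    val rules = mutableListOf<String>()

    fun authorize(pattern: String, access: String) {
        rules += "$pattern -> $access"
    }
}

fun http(block: HttpDsl.() -> Unit): List<String> = HttpDsl().apply(block).rules

fun main() {
    val rules = http {
        authorizeExchange {
            authorize("/admin/**", "hasRole(ADMIN)")
            authorize("/**", "authenticated")

            // Both receivers carry the same marker, so the outer HttpDsl receiver is
            // no longer implicitly available here. Uncommenting the nested call from
            // the issue makes compilation fail:
            // authorizeExchange { }

            // Reaching the outer scope now requires an explicit, visible qualifier:
            // this@http.authorizeExchange { }
        }
    }
    rules.forEach(::println)
}
```

Removing `@ServerSecurityMarker` from either class makes the commented-out nested call compile again, which is the behaviour the issue reports for the current WebFlux DSL.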

Labels

- in: config (An issue in spring-security-config)
- status: first-timers-only (An issue that can only be worked on by brand new contributors)
- type: enhancement (A general enhancement)