SpringDocSecurityConfiguration class not sufficiently constrained

[alexfeigin]

1.SpringDocSecurityConfiguration class is @ConditionalOnClass(Authentication.class)
which comes with spring-security-core.
2. It should also condition itself on a class from spring-security-web like @ConditionalOnClass(SecurityFilterChain.class)
3. As of springdoc v2.0.4. If a project has a dependency on spring-security-core and not on spring-security-web, the project will fail to startup with a stack trace similar to this:

2023-03-15 13:48:47.904 IST ERROR [restartedMain] [o.s.b.SpringApplication:822] Application run failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springdoc.core.configuration.SpringDocSecurityConfiguration$SpringSecurityLoginEndpointConfiguration': Lookup method resolution failed
....
Caused by: java.lang.NoClassDefFoundError: org/springframework/security/web/FilterChainProxy

[alexfeigin]

if anybody else is experiencing the same, we are currently mitigating with configuration springdoc.enable-spring-security=false

[bnasslahsen]

@alexfeigin,

Thank you for the information!