Skip to content

Commit ab52fd8

Browse files
committed
Deprecate ChannelDecisionManager
Closes gh-16681
1 parent 72070cd commit ab52fd8

File tree

6 files changed

+22
-0
lines changed

6 files changed

+22
-0
lines changed

web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,12 +23,16 @@
2323

2424
import org.springframework.security.access.ConfigAttribute;
2525
import org.springframework.security.web.FilterInvocation;
26+
import org.springframework.security.web.util.matcher.RequestMatcher;
2627

2728
/**
2829
* Decides whether a web channel provides sufficient security.
2930
*
3031
* @author Ben Alex
32+
* @deprecated no replacement is planned, though consider using a custom
33+
* {@link RequestMatcher} for any sophisticated decision-making
3134
*/
35+
@Deprecated
3236
public interface ChannelDecisionManager {
3337

3438
/**

web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@
2626
import org.springframework.beans.factory.InitializingBean;
2727
import org.springframework.security.access.ConfigAttribute;
2828
import org.springframework.security.web.FilterInvocation;
29+
import org.springframework.security.web.util.matcher.RequestMatcher;
2930
import org.springframework.util.Assert;
3031

3132
/**
@@ -44,7 +45,10 @@
4445
* channel processors will be skipped (see SEC-494, SEC-335).
4546
*
4647
* @author Ben Alex
48+
* @deprecated no replacement is planned, though consider using a custom
49+
* {@link RequestMatcher} for any sophisticated decision-making
4750
*/
51+
@Deprecated
4852
public class ChannelDecisionManagerImpl implements ChannelDecisionManager, InitializingBean {
4953

5054
public static final String ANY_CHANNEL = "ANY_CHANNEL";

web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,9 @@
8383
* over HTTPS.
8484
*
8585
* @author Ben Alex
86+
* @deprecated see {@link org.springframework.security.web.transport.HttpsRedirectFilter}
8687
*/
88+
@Deprecated
8789
public class ChannelProcessingFilter extends GenericFilterBean {
8890

8991
private ChannelDecisionManager channelDecisionManager;

web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@
2323

2424
import org.springframework.security.access.ConfigAttribute;
2525
import org.springframework.security.web.FilterInvocation;
26+
import org.springframework.security.web.util.matcher.RequestMatcher;
2627

2728
/**
2829
* Decides whether a web channel meets a specific security condition.
@@ -34,7 +35,10 @@
3435
* themselves. The callers of the implementation do not take any action.
3536
*
3637
* @author Ben Alex
38+
* @deprecated no replacement is planned, though consider using a custom
39+
* {@link RequestMatcher} for any sophisticated decision-making
3740
*/
41+
@Deprecated
3842
public interface ChannelProcessor {
3943

4044
/**

web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@
2424
import org.springframework.beans.factory.InitializingBean;
2525
import org.springframework.security.access.ConfigAttribute;
2626
import org.springframework.security.web.FilterInvocation;
27+
import org.springframework.security.web.util.matcher.RequestMatcher;
2728
import org.springframework.util.Assert;
2829

2930
/**
@@ -39,7 +40,10 @@
3940
* The default <code>insecureKeyword</code> is <code>REQUIRES_INSECURE_CHANNEL</code>.
4041
*
4142
* @author Ben Alex
43+
* @deprecated no replacement is planned, though consider using a custom
44+
* {@link RequestMatcher} for any sophisticated decision-making
4245
*/
46+
@Deprecated
4347
public class InsecureChannelProcessor implements InitializingBean, ChannelProcessor {
4448

4549
private ChannelEntryPoint entryPoint = new RetryWithHttpEntryPoint();

web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@
2424
import org.springframework.beans.factory.InitializingBean;
2525
import org.springframework.security.access.ConfigAttribute;
2626
import org.springframework.security.web.FilterInvocation;
27+
import org.springframework.security.web.util.matcher.RequestMatcher;
2728
import org.springframework.util.Assert;
2829

2930
/**
@@ -39,7 +40,10 @@
3940
* The default <code>secureKeyword</code> is <code>REQUIRES_SECURE_CHANNEL</code>.
4041
*
4142
* @author Ben Alex
43+
* @deprecated no replacement is planned, though consider using a custom
44+
* {@link RequestMatcher} for any sophisticated decision-making
4245
*/
46+
@Deprecated
4347
public class SecureChannelProcessor implements InitializingBean, ChannelProcessor {
4448

4549
private ChannelEntryPoint entryPoint = new RetryWithHttpsEntryPoint();

0 commit comments

Comments
 (0)