Skip to content

Fix NoClassDefFoundError when Spring Session is used without Spring Security #16889

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Fix NoClassDefFoundError when Spring Session is used without Spring Security #16889

wants to merge 1 commit into from

Conversation

vpavic
Copy link
Contributor

@vpavic vpavic commented May 17, 2019

This resolves #16871 by ensuring auto-configuration of Spring Session's DefaultCookieSerializer doesn't break when Spring Security is not present on the classpath.

The approach taken in this PR uses an anonymous BeanPostProcessor - I'm not sure this is an acceptable approach but introducing some sort of a customizer bean seemed like an overhead in DefaultCookieSerializer case.

Regarding the anonymous BeanPostProcessor pattern, it is also present in LiquibaseEndpointAutoConfiguration.

@vpavic
Improve Spring Session auto-configuration
3315269 
This commit ensures auto-configuration of Spring Session's DefaultCookieSerializer doesn't break when Spring Security is not present on the classpath.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label May 17, 2019
@vpavic vpavic mentioned this pull request May 17, 2019
Closed
@philwebb philwebb added for: merge-with-amendments Needs some changes when we merge type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels May 17, 2019
@philwebb philwebb added this to the 2.1.6 milestone May 17, 2019
@philwebb
Copy link
Member

We might get away with getting the bean programmatically rather than needing the BeanPostProcessor. We'll try that when we merge.

@snicoll snicoll changed the title Improve Spring Session auto-configuration Fix NoClassDefFoundError when Spring Session is used without Spring Security May 17, 2019
philwebb added a commit that referenced this pull request May 28, 2019
@philwebb
Polish "Fix NoClassDefFound when missing Spring Security"
6913ea2 
See gh-16889
philwebb added a commit that referenced this pull request May 28, 2019
@philwebb
Merge pull request #16889 from vpavic
a51996f 
* pr/16889:
  Polish "Fix NoClassDefFound when missing Spring Security"
  Fix NoClassDefFound when missing Spring Security
@philwebb philwebb mentioned this pull request May 28, 2019
Closed
@philwebb philwebb closed this in e9bd11e May 28, 2019
@philwebb
Copy link
Member

philwebb commented May 28, 2019
edited
Loading

Thanks @vpavic, now fixed with a small change to remove the need for the BPP.

@vpavic vpavic deleted the gh-16871 branch May 29, 2019 05:18
@vpavic vpavic mentioned this pull request Jun 10, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
for: merge-with-amendments Needs some changes when we merge type: bug A general bug
Projects
None yet
Milestone
2.1.6
Development

Successfully merging this pull request may close these issues.

Spring Session without Spring Security leads to NoClassDefFoundError: org/springframework/security/web/authentication/RememberMeServices
3 participants
@vpavic @philwebb @spring-projects-issues