Remove PortResolver

Closes gh-15971

Signed-off-by: DingHao <dh.hiekn@gmail.com>

config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java

@@ -29,7 +29,6 @@ import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.PortMapper;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@@ -274,10 +273,6 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
 		if (portMapper != null) {
 			this.authenticationEntryPoint.setPortMapper(portMapper);
 		}
-		PortResolver portResolver = getBeanOrNull(http, PortResolver.class);
-		if (portResolver != null) {
-			this.authenticationEntryPoint.setPortResolver(portResolver);
-		}
 		RequestCache requestCache = http.getSharedObject(RequestCache.class);
 		if (requestCache != null) {
 			this.defaultSuccessHandler.setRequestCache(requestCache);

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java

@@ -83,7 +83,6 @@ import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.oauth2.jwt.JwtDecoderFactory;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.RedirectStrategy;
 import org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
@@ -556,10 +555,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		RequestMatcher formLoginNotEnabled = getFormLoginNotEnabledRequestMatcher(http);
 		LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
 		LoginUrlAuthenticationEntryPoint loginUrlEntryPoint = new LoginUrlAuthenticationEntryPoint(providerLoginPage);
-		PortResolver portResolver = getBeanOrNull(ResolvableType.forClass(PortResolver.class));
-		if (portResolver != null) {
-			loginUrlEntryPoint.setPortResolver(portResolver);
-		}
 		entryPoints.put(new AndRequestMatcher(notXRequestedWith, new NegatedRequestMatcher(defaultLoginPageMatcher),
 				formLoginNotEnabled), loginUrlEntryPoint);
 		DelegatingAuthenticationEntryPoint loginEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurer.java

@@ -48,7 +48,6 @@ import org.springframework.security.saml2.provider.service.web.authentication.Op
 import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
 import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.authentication.AuthenticationConverter;
 import org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
@@ -342,10 +341,6 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 				new RequestHeaderRequestMatcher("X-Requested-With", "XMLHttpRequest"));
 		LinkedHashMap<RequestMatcher, AuthenticationEntryPoint> entryPoints = new LinkedHashMap<>();
 		LoginUrlAuthenticationEntryPoint loginUrlEntryPoint = new LoginUrlAuthenticationEntryPoint(providerLoginPage);
-		PortResolver portResolver = getBeanOrNull(http, PortResolver.class);
-		if (portResolver != null) {
-			loginUrlEntryPoint.setPortResolver(portResolver);
-		}
 		entryPoints.put(new AndRequestMatcher(notXRequestedWith, new NegatedRequestMatcher(defaultLoginPageMatcher)),
 				loginUrlEntryPoint);
 		DelegatingAuthenticationEntryPoint loginEntryPoint = new DelegatingAuthenticationEntryPoint(entryPoints);

config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java

@@ -164,8 +164,6 @@ final class AuthenticationConfigBuilder {
 
 	private final BeanReference portMapper;
 
-	private final BeanReference portResolver;
-
 	private final BeanMetadataElement csrfLogoutHandler;
 
 	private String loginProcessingUrl;
@@ -227,7 +225,7 @@ final class AuthenticationConfigBuilder {
 			SessionCreationPolicy sessionPolicy, BeanReference requestCache, BeanReference authenticationManager,
 			BeanMetadataElement authenticationFilterSecurityContextHolderStrategyRef,
 			BeanReference authenticationFilterSecurityContextRepositoryRef, BeanReference sessionStrategy,
-			BeanReference portMapper, BeanReference portResolver, BeanMetadataElement csrfLogoutHandler) {
+			BeanReference portMapper, BeanMetadataElement csrfLogoutHandler) {
 		this.httpElt = element;
 		this.pc = pc;
 		this.requestCache = requestCache;
@@ -235,7 +233,6 @@ final class AuthenticationConfigBuilder {
 		this.allowSessionCreation = sessionPolicy != SessionCreationPolicy.NEVER
 				&& sessionPolicy != SessionCreationPolicy.STATELESS;
 		this.portMapper = portMapper;
-		this.portResolver = portResolver;
 		this.csrfLogoutHandler = csrfLogoutHandler;
 		createAnonymousFilter(authenticationFilterSecurityContextHolderStrategyRef);
 		createRememberMeFilter(authenticationManager, authenticationFilterSecurityContextHolderStrategyRef);
@@ -291,7 +288,7 @@ final class AuthenticationConfigBuilder {
 		if (formLoginElt != null || this.autoConfig) {
 			FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser("/login", "POST",
 					AUTHENTICATION_PROCESSING_FILTER_CLASS, this.requestCache, sessionStrategy,
-					this.allowSessionCreation, this.portMapper, this.portResolver);
+					this.allowSessionCreation, this.portMapper);
 			parser.parse(formLoginElt, this.pc);
 			formFilter = parser.getFilterBean();
 			this.formEntryPoint = parser.getEntryPointBean();
@@ -334,8 +331,7 @@ final class AuthenticationConfigBuilder {
 		}
 		this.oauth2LoginEnabled = true;
 		OAuth2LoginBeanDefinitionParser parser = new OAuth2LoginBeanDefinitionParser(this.requestCache, this.portMapper,
-				this.portResolver, sessionStrategy, this.allowSessionCreation,
-				authenticationFilterSecurityContextHolderStrategy);
+				sessionStrategy, this.allowSessionCreation, authenticationFilterSecurityContextHolderStrategy);
 		BeanDefinition oauth2LoginFilterBean = parser.parse(oauth2LoginElt, this.pc);
 		BeanDefinition defaultAuthorizedClientRepository = parser.getDefaultAuthorizedClientRepository();
 		registerDefaultAuthorizedClientRepositoryIfNecessary(defaultAuthorizedClientRepository);
@@ -437,7 +433,7 @@ final class AuthenticationConfigBuilder {
 			return;
 		}
 		Saml2LoginBeanDefinitionParser parser = new Saml2LoginBeanDefinitionParser(this.csrfIgnoreRequestMatchers,
-				this.portMapper, this.portResolver, this.requestCache, this.allowSessionCreation, authenticationManager,
+				this.portMapper, this.requestCache, this.allowSessionCreation, authenticationManager,
 				authenticationFilterSecurityContextRepositoryRef, this.authenticationProviders,
 				this.defaultEntryPointMappings);
 		BeanDefinition saml2WebSsoAuthenticationFilter = parser.parse(saml2LoginElt, this.pc);

config/src/main/java/org/springframework/security/config/http/FormLoginBeanDefinitionParser.java

@@ -85,8 +85,6 @@ public class FormLoginBeanDefinitionParser {
 
 	private final BeanReference portMapper;
 
-	private final BeanReference portResolver;
-
 	private RootBeanDefinition filterBean;
 
 	private RootBeanDefinition entryPointBean;
@@ -99,7 +97,7 @@ public class FormLoginBeanDefinitionParser {
 
 	FormLoginBeanDefinitionParser(String defaultLoginProcessingUrl, String loginMethod, String filterClassName,
 			BeanReference requestCache, BeanReference sessionStrategy, boolean allowSessionCreation,
-			BeanReference portMapper, BeanReference portResolver) {
+			BeanReference portMapper) {
 		this.defaultLoginProcessingUrl = defaultLoginProcessingUrl;
 		this.loginMethod = loginMethod;
 		this.filterClassName = filterClassName;
@@ -107,7 +105,6 @@ public class FormLoginBeanDefinitionParser {
 		this.sessionStrategy = sessionStrategy;
 		this.allowSessionCreation = allowSessionCreation;
 		this.portMapper = portMapper;
-		this.portResolver = portResolver;
 	}
 
 	public BeanDefinition parse(Element elt, ParserContext pc) {
@@ -163,7 +160,6 @@ public class FormLoginBeanDefinitionParser {
 		entryPointBuilder.getRawBeanDefinition().setSource(source);
 		entryPointBuilder.addConstructorArgValue((this.loginPage != null) ? this.loginPage : DEF_LOGIN_PAGE);
 		entryPointBuilder.addPropertyValue("portMapper", this.portMapper);
-		entryPointBuilder.addPropertyValue("portResolver", this.portResolver);
 		this.entryPointBean = (RootBeanDefinition) entryPointBuilder.getBeanDefinition();
 		return null;
 	}

config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java

@@ -201,8 +201,6 @@ class HttpConfigurationBuilder {
 
 	private final BeanReference portMapper;
 
-	private final BeanReference portResolver;
-
 	private BeanReference fsi;
 
 	private BeanReference requestCache;
@@ -228,12 +226,11 @@ class HttpConfigurationBuilder {
 	private boolean addAllAuth;
 
 	HttpConfigurationBuilder(Element element, boolean addAllAuth, ParserContext pc, BeanReference portMapper,
-			BeanReference portResolver, BeanReference authenticationManager, BeanMetadataElement observationRegistry) {
+			BeanReference authenticationManager, BeanMetadataElement observationRegistry) {
 		this.httpElt = element;
 		this.addAllAuth = addAllAuth;
 		this.pc = pc;
 		this.portMapper = portMapper;
-		this.portResolver = portResolver;
 		this.matcherType = MatcherType.fromElementOrMvc(element);
 		this.interceptUrls = DomUtils.getChildElementsByTagName(element, Elements.INTERCEPT_URL);
 		validateInterceptUrls(pc);
@@ -693,9 +690,7 @@ class HttpConfigurationBuilder {
 		RootBeanDefinition retryWithHttp = new RootBeanDefinition(RetryWithHttpEntryPoint.class);
 		RootBeanDefinition retryWithHttps = new RootBeanDefinition(RetryWithHttpsEntryPoint.class);
 		retryWithHttp.getPropertyValues().addPropertyValue("portMapper", this.portMapper);
-		retryWithHttp.getPropertyValues().addPropertyValue("portResolver", this.portResolver);
 		retryWithHttps.getPropertyValues().addPropertyValue("portMapper", this.portMapper);
-		retryWithHttps.getPropertyValues().addPropertyValue("portResolver", this.portResolver);
 		secureChannelProcessor.getPropertyValues().addPropertyValue("entryPoint", retryWithHttps);
 		RootBeanDefinition inSecureChannelProcessor = new RootBeanDefinition(InsecureChannelProcessor.class);
 		inSecureChannelProcessor.getPropertyValues().addPropertyValue("entryPoint", retryWithHttp);
@@ -751,7 +746,6 @@ class HttpConfigurationBuilder {
 				requestCacheBldr = BeanDefinitionBuilder.rootBeanDefinition(HttpSessionRequestCache.class);
 				requestCacheBldr.addPropertyValue("createSessionAllowed",
 						this.sessionPolicy == SessionCreationPolicy.IF_REQUIRED);
-				requestCacheBldr.addPropertyValue("portResolver", this.portResolver);
 				if (this.csrfFilter != null) {
 					BeanDefinitionBuilder requestCacheMatcherBldr = BeanDefinitionBuilder
 						.rootBeanDefinition(RequestMatcherFactoryBean.class);

config/src/main/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParser.java

@@ -57,7 +57,6 @@ import org.springframework.security.config.authentication.AuthenticationManagerF
 import org.springframework.security.web.DefaultSecurityFilterChain;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.ObservationFilterChainDecorator;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.firewall.ObservationMarkingRequestRejectedHandler;
 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
 import org.springframework.util.StringUtils;
@@ -151,19 +150,18 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 			return createSecurityFilterChainBean(element, pc, Collections.emptyList());
 		}
 		BeanReference portMapper = createPortMapper(element, pc);
-		BeanReference portResolver = createPortResolver(portMapper, pc);
 		ManagedList<BeanReference> authenticationProviders = new ManagedList<>();
 		BeanReference authenticationManager = createAuthenticationManager(element, pc, authenticationProviders);
 		boolean forceAutoConfig = isDefaultHttpConfig(element);
 		BeanMetadataElement observationRegistry = getObservationRegistry(element);
 		HttpConfigurationBuilder httpBldr = new HttpConfigurationBuilder(element, forceAutoConfig, pc, portMapper,
-				portResolver, authenticationManager, observationRegistry);
+				authenticationManager, observationRegistry);
 		httpBldr.getSecurityContextRepositoryForAuthenticationFilters();
 		AuthenticationConfigBuilder authBldr = new AuthenticationConfigBuilder(element, forceAutoConfig, pc,
 				httpBldr.getSessionCreationPolicy(), httpBldr.getRequestCache(), authenticationManager,
 				httpBldr.getSecurityContextHolderStrategyForAuthenticationFilters(),
 				httpBldr.getSecurityContextRepositoryForAuthenticationFilters(), httpBldr.getSessionStrategy(),
-				portMapper, portResolver, httpBldr.getCsrfLogoutHandler());
+				portMapper, httpBldr.getCsrfLogoutHandler());
 		httpBldr.setLogoutHandlers(authBldr.getLogoutHandlers());
 		httpBldr.setEntryPoint(authBldr.getEntryPointBean());
 		httpBldr.setAccessDeniedHandler(authBldr.getAccessDeniedHandlerBean());
@@ -241,18 +239,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 		return new RuntimeBeanReference(portMapperName);
 	}
 
-	private RuntimeBeanReference createPortResolver(BeanReference portMapper, ParserContext pc) {
-		String beanName = "portResolver";
-		if (pc.getRegistry().containsBeanDefinition(beanName)) {
-			return new RuntimeBeanReference(beanName);
-		}
-		RootBeanDefinition portResolver = new RootBeanDefinition(PortResolverImpl.class);
-		portResolver.getPropertyValues().addPropertyValue("portMapper", portMapper);
-		String portResolverName = pc.getReaderContext().generateBeanName(portResolver);
-		pc.registerBeanComponent(new BeanComponentDefinition(portResolver, portResolverName));
-		return new RuntimeBeanReference(portResolverName);
-	}
-
 	/**
 	 * Creates the internal AuthenticationManager bean which uses either the externally
 	 * registered (global) one as a parent or the bean specified by

config/src/main/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParser.java

@@ -111,8 +111,6 @@ final class OAuth2LoginBeanDefinitionParser implements BeanDefinitionParser {
 
 	private final BeanReference portMapper;
 
-	private final BeanReference portResolver;
-
 	private final BeanReference sessionStrategy;
 
 	private final boolean allowSessionCreation;
@@ -131,12 +129,10 @@ final class OAuth2LoginBeanDefinitionParser implements BeanDefinitionParser {
 
 	private BeanDefinition oauth2LoginLinks;
 
-	OAuth2LoginBeanDefinitionParser(BeanReference requestCache, BeanReference portMapper, BeanReference portResolver,
-			BeanReference sessionStrategy, boolean allowSessionCreation,
-			BeanMetadataElement authenticationFilterSecurityContextHolderStrategy) {
+	OAuth2LoginBeanDefinitionParser(BeanReference requestCache, BeanReference portMapper, BeanReference sessionStrategy,
+			boolean allowSessionCreation, BeanMetadataElement authenticationFilterSecurityContextHolderStrategy) {
 		this.requestCache = requestCache;
 		this.portMapper = portMapper;
-		this.portResolver = portResolver;
 		this.sessionStrategy = sessionStrategy;
 		this.allowSessionCreation = allowSessionCreation;
 		this.authenticationFilterSecurityContextHolderStrategy = authenticationFilterSecurityContextHolderStrategy;
@@ -231,7 +227,6 @@ final class OAuth2LoginBeanDefinitionParser implements BeanDefinitionParser {
 				.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class)
 				.addConstructorArgValue(loginPage)
 				.addPropertyValue("portMapper", this.portMapper)
-				.addPropertyValue("portResolver", this.portResolver)
 				.getBeanDefinition();
 		}
 		else {

config/src/main/java/org/springframework/security/config/http/Saml2LoginBeanDefinitionParser.java

@@ -76,8 +76,6 @@ final class Saml2LoginBeanDefinitionParser implements BeanDefinitionParser {
 
 	private final BeanReference portMapper;
 
-	private final BeanReference portResolver;
-
 	private final BeanReference requestCache;
 
 	private final boolean allowSessionCreation;
@@ -97,12 +95,11 @@ final class Saml2LoginBeanDefinitionParser implements BeanDefinitionParser {
 	private BeanDefinition saml2AuthenticationUrlToProviderName;
 
 	Saml2LoginBeanDefinitionParser(List<BeanDefinition> csrfIgnoreRequestMatchers, BeanReference portMapper,
-			BeanReference portResolver, BeanReference requestCache, boolean allowSessionCreation,
-			BeanReference authenticationManager, BeanReference authenticationFilterSecurityContextRepositoryRef,
-			List<BeanReference> authenticationProviders, Map<BeanDefinition, BeanMetadataElement> entryPoints) {
+			BeanReference requestCache, boolean allowSessionCreation, BeanReference authenticationManager,
+			BeanReference authenticationFilterSecurityContextRepositoryRef, List<BeanReference> authenticationProviders,
+			Map<BeanDefinition, BeanMetadataElement> entryPoints) {
 		this.csrfIgnoreRequestMatchers = csrfIgnoreRequestMatchers;
 		this.portMapper = portMapper;
-		this.portResolver = portResolver;
 		this.requestCache = requestCache;
 		this.allowSessionCreation = allowSessionCreation;
 		this.authenticationManager = authenticationManager;
@@ -198,7 +195,6 @@ final class Saml2LoginBeanDefinitionParser implements BeanDefinitionParser {
 				.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class)
 				.addConstructorArgValue(loginPage)
 				.addPropertyValue("portMapper", this.portMapper)
-				.addPropertyValue("portResolver", this.portResolver)
 				.getBeanDefinition();
 		}
 		else {
@@ -209,7 +205,6 @@ final class Saml2LoginBeanDefinitionParser implements BeanDefinitionParser {
 					.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class)
 					.addConstructorArgValue(loginUrl)
 					.addPropertyValue("portMapper", this.portMapper)
-					.addPropertyValue("portResolver", this.portResolver)
 					.getBeanDefinition();
 			}
 		}

config/src/test/java/org/springframework/security/SerializationSamples.java

@@ -189,7 +189,6 @@ import org.springframework.security.saml2.provider.service.authentication.logout
 import org.springframework.security.saml2.provider.service.registration.OpenSamlAssertingPartyDetails;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
 import org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.authentication.AuthenticationFilter;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
@@ -605,7 +604,7 @@ final class SerializationSamples {
 			request.addParameter("parameter", "value");
 			request.setPathInfo("/path");
 			request.addPreferredLocale(Locale.ENGLISH);
-			return new SimpleSavedRequest(new DefaultSavedRequest(request, new PortResolverImpl(), "continue"));
+			return new SimpleSavedRequest(new DefaultSavedRequest(request, "continue"));
 		});
 
 		generatorByClassName.put(HttpSessionIdChangedEvent.class,

config/src/test/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.java

@@ -38,7 +38,6 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders;
 import org.springframework.security.web.PortMapper;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.access.ExceptionTranslationFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
@@ -379,13 +378,6 @@ public class FormLoginConfigurerTests {
 		verify(ObjectPostProcessorConfig.objectPostProcessor).postProcess(any(ExceptionTranslationFilter.class));
 	}
 
-	@Test
-	public void configureWhenPortResolverBeanThenPortResolverUsed() throws Exception {
-		this.spring.register(CustomPortResolverConfig.class).autowire();
-		this.mockMvc.perform(get("/requires-authentication")).andExpect(status().is3xxRedirection());
-		verify(this.spring.getContext().getBean(PortResolver.class)).getServerPort(any());
-	}
-
 	@Configuration
 	@EnableWebSecurity
 	static class RequestCacheConfig {
@@ -713,35 +705,6 @@ public class FormLoginConfigurerTests {
 
 	}
 
-	@Configuration
-	@EnableWebSecurity
-	static class CustomPortResolverConfig {
-
-		@Bean
-		SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-			// @formatter:off
-			http
-				.authorizeHttpRequests((authorize) -> authorize
-					.anyRequest().authenticated()
-				)
-				.formLogin(withDefaults())
-				.requestCache(withDefaults());
-			return http.build();
-			// @formatter:on
-		}
-
-		@Bean
-		PortResolver portResolver() {
-			return mock(PortResolver.class);
-		}
-
-		@Bean
-		UserDetailsService userDetailsService() {
-			return new InMemoryUserDetailsManager(PasswordEncodedUser.user());
-		}
-
-	}
-
 	static class ReflectingObjectPostProcessor implements ObjectPostProcessor<Object> {
 
 		@Override

config/src/test/java/org/springframework/security/config/http/FormLoginConfigTests.java

@@ -35,7 +35,6 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolderStrategy;
 import org.springframework.security.web.FilterChainProxy;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
@@ -46,7 +45,6 @@ import org.springframework.web.bind.annotation.RestController;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
-import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.atLeastOnce;
 import static org.mockito.Mockito.verify;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
@@ -212,17 +210,6 @@ public class FormLoginConfigTests {
 		// @formatter:on
 	}
 
-	@Test
-	public void portResolver() throws Exception {
-		this.spring.configLocations(this.xml("PortResolverBean")).autowire();
-		// @formatter:off
-		this.mvc.perform(get("/requires-authentication"))
-				.andExpect(status().is3xxRedirection());
-		// @formatter:on
-		PortResolver portResolver = this.spring.getContext().getBean(PortResolver.class);
-		verify(portResolver, atLeastOnce()).getServerPort(any());
-	}
-
 	private Filter getFilter(ApplicationContext context, Class<? extends Filter> filterClass) {
 		FilterChainProxy filterChain = context.getBean(BeanIds.FILTER_CHAIN_PROXY, FilterChainProxy.class);
 		List<Filter> filters = filterChain.getFilters("/any");

config/src/test/kotlin/org/springframework/security/config/annotation/web/FormLoginDslTests.kt

@@ -35,7 +35,6 @@ import org.springframework.security.core.userdetails.User
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestBuilders.formLogin
 import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf
 import org.springframework.security.test.web.servlet.response.SecurityMockMvcResultMatchers.authenticated
-import org.springframework.security.web.PortResolver
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler
@@ -242,29 +241,6 @@ class FormLoginDslTests {
         }
     }
 
-    @Test
-    fun `portResolerBean is used`() {
-        this.spring.register(PortResolverBeanConfig::class.java, AllSecuredConfig::class.java, UserConfig::class.java).autowire()
-
-        val portResolver = this.spring.context.getBean(PortResolver::class.java)
-        every { portResolver.getServerPort(any()) }.returns(1234)
-        this.mockMvc.get("/")
-            .andExpect {
-                status().isFound
-                redirectedUrl("http://localhost:1234/login")
-            }
-
-        verify { portResolver.getServerPort(any()) }
-    }
-
-    @Configuration
-    open class PortResolverBeanConfig {
-        @Bean
-        open fun portResolverBean(): PortResolver {
-            return mockk()
-        }
-    }
-
     @Test
     fun `login when custom failure url then used`() {
         this.spring.register(FailureHandlerConfig::class.java, UserConfig::class.java).autowire()

config/src/test/resources/org/springframework/security/config/http/FormLoginConfigTests-PortResolverBean.xml

@@ -1,37 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  ~ Copyright 2004-present the original author or authors.
-  ~
-  ~ Licensed under the Apache License, Version 2.0 (the "License");
-  ~ you may not use this file except in compliance with the License.
-  ~ You may obtain a copy of the License at
-  ~
-  ~       https://www.apache.org/licenses/LICENSE-2.0
-  ~
-  ~ Unless required by applicable law or agreed to in writing, software
-  ~ distributed under the License is distributed on an "AS IS" BASIS,
-  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  ~ See the License for the specific language governing permissions and
-  ~ limitations under the License.
-  -->
-
-<b:beans xmlns:b="http://www.springframework.org/schema/beans"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns="http://www.springframework.org/schema/security"
-		xsi:schemaLocation="
-			http://www.springframework.org/schema/security
-			https://www.springframework.org/schema/security/spring-security.xsd
-			http://www.springframework.org/schema/beans
-			https://www.springframework.org/schema/beans/spring-beans.xsd">
-
-	<b:bean id="portResolver" class="org.mockito.Mockito" factory-method="mock" scope="singleton">
-		<b:constructor-arg value="org.springframework.security.web.PortResolver" type="java.lang.Class"/>
-	</b:bean>
-
-	<http auto-config="true">
-		<csrf disabled="true"/>
-		<intercept-url pattern="/**" access="authenticated"/>
-	</http>
-
-	<b:import resource="userservice.xml"/>
-</b:beans>

web/src/main/java/org/springframework/security/web/FilterInvocation.java

@@ -115,8 +115,6 @@ public class FilterInvocation {
 	/**
 	 * Indicates the URL that the user agent used for this request.
 	 * <p>
-	 * The returned URL does <b>not</b> reflect the port number determined from a
-	 * {@link org.springframework.security.web.PortResolver}.
 	 * @return the full URL of this request
 	 */
 	public String getFullRequestUrl() {

web/src/main/java/org/springframework/security/web/PortMapper.java

@@ -16,6 +16,9 @@
 
 package org.springframework.security.web;
 
+import java.util.Locale;
+
+import jakarta.servlet.ServletRequest;
 import org.jspecify.annotations.Nullable;
 
 /**
@@ -46,4 +49,22 @@ public interface PortMapper {
 	 */
 	@Nullable Integer lookupHttpsPort(Integer httpPort);
 
+	/**
+	 * Get server port from request and automatically apply the configured mapping.
+	 * @param request ServletRequest
+	 * @return the mapped port
+	 */
+	default Integer getServerPort(ServletRequest request) {
+		int serverPort = request.getServerPort();
+		String scheme = request.getScheme().toLowerCase(Locale.ENGLISH);
+		Integer mappedPort = null;
+		if ("http".equals(scheme)) {
+			mappedPort = lookupHttpPort(serverPort);
+		}
+		else if ("https".equals(scheme)) {
+			mappedPort = lookupHttpsPort(serverPort);
+		}
+		return (mappedPort != null) ? mappedPort : serverPort;
+	}
+
 }

web/src/main/java/org/springframework/security/web/PortResolver.java

@@ -1,51 +0,0 @@
-/*
- * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.web;
-
-import jakarta.servlet.ServletRequest;
-
-/**
- * A <code>PortResolver</code> determines the port a web request was received on.
- *
- * <P>
- * This interface is necessary because <code>ServletRequest.getServerPort()</code> may not
- * return the correct port in certain circumstances. For example, if the browser does not
- * construct the URL correctly after a redirect.
- * </p>
- *
- * @author Ben Alex
- * @deprecated This existed for an old IE bug and is no longer need.
- */
-@Deprecated(forRemoval = true, since = "6.5")
-public interface PortResolver {
-
-	PortResolver NO_OP = new PortResolver() {
-
-		@Override
-		public int getServerPort(ServletRequest request) {
-			return request.getServerPort();
-		}
-	};
-
-	/**
-	 * Indicates the port the <code>ServletRequest</code> was received on.
-	 * @param request that the method should lookup the port for
-	 * @return the port the request was received on
-	 */
-	int getServerPort(ServletRequest request);
-
-}

web/src/main/java/org/springframework/security/web/PortResolverImpl.java

@@ -1,73 +0,0 @@
-/*
- * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.web;
-
-import java.util.Locale;
-
-import jakarta.servlet.ServletRequest;
-import org.jspecify.annotations.Nullable;
-
-import org.springframework.util.Assert;
-
-/**
- * Concrete implementation of {@link PortResolver} that obtains the port from
- * <tt>ServletRequest.getServerPort()</tt>.
- * <p>
- * This class is capable of handling the IE bug which results in an incorrect URL being
- * presented in the header subsequent to a redirect to a different scheme and port where
- * the port is not a well-known number (ie 80 or 443). Handling involves detecting an
- * incorrect response from <code>ServletRequest.getServerPort()</code> for the scheme (eg
- * a HTTP request on 8443) and then determining the real server port (eg HTTP request is
- * really on 8080). The map of valid ports is obtained from the configured
- * {@link PortMapper}.
- *
- * @author Ben Alex
- * @deprecated This existed for an old IE bug and is no longer need.
- */
-@Deprecated(forRemoval = true)
-public class PortResolverImpl implements PortResolver {
-
-	private PortMapper portMapper = new PortMapperImpl();
-
-	public PortMapper getPortMapper() {
-		return this.portMapper;
-	}
-
-	@Override
-	public int getServerPort(ServletRequest request) {
-		int serverPort = request.getServerPort();
-		String scheme = request.getScheme().toLowerCase(Locale.ENGLISH);
-		Integer mappedPort = getMappedPort(serverPort, scheme);
-		return (mappedPort != null) ? mappedPort : serverPort;
-	}
-
-	private @Nullable Integer getMappedPort(int serverPort, String scheme) {
-		if ("http".equals(scheme)) {
-			return this.portMapper.lookupHttpPort(serverPort);
-		}
-		if ("https".equals(scheme)) {
-			return this.portMapper.lookupHttpsPort(serverPort);
-		}
-		return null;
-	}
-
-	public void setPortMapper(PortMapper portMapper) {
-		Assert.notNull(portMapper, "portMapper cannot be null");
-		this.portMapper = portMapper;
-	}
-
-}

web/src/main/java/org/springframework/security/web/access/channel/AbstractRetryEntryPoint.java

@@ -28,8 +28,6 @@ import org.springframework.core.log.LogMessage;
 import org.springframework.security.web.DefaultRedirectStrategy;
 import org.springframework.security.web.PortMapper;
 import org.springframework.security.web.PortMapperImpl;
-import org.springframework.security.web.PortResolver;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.RedirectStrategy;
 import org.springframework.util.Assert;
 
@@ -46,8 +44,6 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 
 	private PortMapper portMapper = new PortMapperImpl();
 
-	private PortResolver portResolver = new PortResolverImpl();
-
 	/**
 	 * The scheme ("http://" or "https://")
 	 */
@@ -69,7 +65,7 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 	public void commence(HttpServletRequest request, HttpServletResponse response) throws IOException {
 		String queryString = request.getQueryString();
 		String redirectUrl = request.getRequestURI() + ((queryString != null) ? ("?" + queryString) : "");
-		Integer currentPort = this.portResolver.getServerPort(request);
+		Integer currentPort = this.portMapper.getServerPort(request);
 		Integer redirectPort = getMappedPort(currentPort);
 		if (redirectPort != null) {
 			boolean includePort = redirectPort != this.standardPort;
@@ -91,17 +87,6 @@ public abstract class AbstractRetryEntryPoint implements ChannelEntryPoint {
 		this.portMapper = portMapper;
 	}
 
-	@Deprecated(forRemoval = true)
-	public void setPortResolver(PortResolver portResolver) {
-		Assert.notNull(portResolver, "portResolver cannot be null");
-		this.portResolver = portResolver;
-	}
-
-	@Deprecated(forRemoval = true)
-	protected final PortResolver getPortResolver() {
-		return this.portResolver;
-	}
-
 	/**
 	 * Sets the strategy to be used for redirecting to the required channel URL. A
 	 * {@code DefaultRedirectStrategy} instance will be used if not set.

web/src/main/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPoint.java

@@ -20,6 +20,7 @@ import java.io.IOException;
 
 import jakarta.servlet.RequestDispatcher;
 import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.apache.commons.logging.Log;
@@ -33,8 +34,6 @@ import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.security.web.DefaultRedirectStrategy;
 import org.springframework.security.web.PortMapper;
 import org.springframework.security.web.PortMapperImpl;
-import org.springframework.security.web.PortResolver;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.RedirectStrategy;
 import org.springframework.security.web.access.ExceptionTranslationFilter;
 import org.springframework.security.web.util.RedirectUrlBuilder;
@@ -71,8 +70,6 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 
 	private PortMapper portMapper = new PortMapperImpl();
 
-	private PortResolver portResolver = new PortResolverImpl();
-
 	private String loginFormUrl;
 
 	private boolean forceHttps = false;
@@ -100,7 +97,6 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 		Assert.isTrue(!this.useForward || !UrlUtils.isAbsoluteUrl(this.loginFormUrl),
 				"useForward must be false if using an absolute loginFormURL");
 		Assert.notNull(this.portMapper, "portMapper must be specified");
-		Assert.notNull(this.portResolver, "portResolver must be specified");
 	}
 
 	/**
@@ -129,7 +125,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 			return;
 		}
 		String redirectUrl = null;
-		if (this.forceHttps && "http".equals(request.getScheme())) {
+		if (requiresRewrite(request)) {
 			// First redirect the current request to HTTPS. When that request is received,
 			// the forward to the login page will be used.
 			redirectUrl = buildHttpsRedirectUrlForRequest(request);
@@ -161,7 +157,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 	}
 
 	private String httpsUri(HttpServletRequest request, String path) {
-		int serverPort = this.portResolver.getServerPort(request);
+		int serverPort = getServerPort(request);
 		Integer httpsPort = this.portMapper.lookupHttpsPort(serverPort);
 		if (httpsPort == null) {
 			logger.warn(LogMessage.format("Unable to redirect to HTTPS as no port mapping found for HTTP port %s",
@@ -178,7 +174,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 		RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder();
 		urlBuilder.setScheme(request.getScheme());
 		urlBuilder.setServerName(request.getServerName());
-		urlBuilder.setPort(this.portResolver.getServerPort(request));
+		urlBuilder.setPort(getServerPort(request));
 		urlBuilder.setContextPath(request.getContextPath());
 		urlBuilder.setPathInfo(path);
 		return urlBuilder;
@@ -190,7 +186,7 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 	 */
 	protected @Nullable String buildHttpsRedirectUrlForRequest(HttpServletRequest request)
 			throws IOException, ServletException {
-		int serverPort = this.portResolver.getServerPort(request);
+		int serverPort = getServerPort(request);
 		Integer httpsPort = this.portMapper.lookupHttpsPort(serverPort);
 		if (httpsPort != null) {
 			RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder();
@@ -209,6 +205,10 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 		return null;
 	}
 
+	public int getServerPort(ServletRequest request) {
+		return this.portMapper.getServerPort(request);
+	}
+
 	/**
 	 * Set to true to force login form access to be via https. If this value is true (the
 	 * default is false), and the incoming request for the protected resource which
@@ -237,17 +237,6 @@ public class LoginUrlAuthenticationEntryPoint implements AuthenticationEntryPoin
 		return this.portMapper;
 	}
 
-	@Deprecated(forRemoval = true)
-	public void setPortResolver(PortResolver portResolver) {
-		Assert.notNull(portResolver, "portResolver cannot be null");
-		this.portResolver = portResolver;
-	}
-
-	@Deprecated(forRemoval = true)
-	protected PortResolver getPortResolver() {
-		return this.portResolver;
-	}
-
 	/**
 	 * Tells if we are to do a forward to the {@code loginFormUrl} using the
 	 * {@code RequestDispatcher}, instead of a 302 redirect.

web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java

@@ -34,7 +34,6 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.jspecify.annotations.Nullable;
 
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.util.Assert;
 import org.springframework.util.ObjectUtils;
@@ -106,20 +105,7 @@ public class DefaultSavedRequest implements SavedRequest {
 	}
 
 	public DefaultSavedRequest(HttpServletRequest request, @Nullable String matchingRequestParameterName) {
-		this(request, PortResolver.NO_OP, matchingRequestParameterName);
-	}
-
-	@Deprecated(forRemoval = true)
-	public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver) {
-		this(request, portResolver, null);
-	}
-
-	@SuppressWarnings("unchecked")
-	@Deprecated(forRemoval = true)
-	public DefaultSavedRequest(HttpServletRequest request, PortResolver portResolver,
-			@Nullable String matchingRequestParameterName) {
 		Assert.notNull(request, "Request required");
-		Assert.notNull(portResolver, "PortResolver required");
 		// Cookies
 		addCookies(request.getCookies());
 		// Headers
@@ -144,7 +130,7 @@ public class DefaultSavedRequest implements SavedRequest {
 		this.pathInfo = request.getPathInfo();
 		this.queryString = request.getQueryString();
 		this.requestURI = request.getRequestURI();
-		this.serverPort = portResolver.getServerPort(request);
+		this.serverPort = request.getServerPort();
 		this.requestURL = request.getRequestURL().toString();
 		this.scheme = request.getScheme();
 		this.serverName = request.getServerName();
@@ -225,51 +211,6 @@ public class DefaultSavedRequest implements SavedRequest {
 		this.parameters.put(name, values);
 	}
 
-	/**
-	 * Determines if the current request matches the <code>DefaultSavedRequest</code>.
-	 * <p>
-	 * All URL arguments are considered but not cookies, locales, headers or parameters.
-	 * @param request the actual request to be matched against this one
-	 * @param portResolver used to obtain the server port of the request
-	 * @return true if the request is deemed to match this one.
-	 * @deprecated This is deprecated for removal. Users can compare
-	 * {@link #getRedirectUrl()} to the {@link HttpServletRequest} URL instead.
-	 */
-	@Deprecated(forRemoval = true)
-	public boolean doesRequestMatch(HttpServletRequest request, PortResolver portResolver) {
-		if (!propertyEquals(this.pathInfo, request.getPathInfo())) {
-			return false;
-		}
-		if (!propertyEquals(createQueryString(this.queryString, this.matchingRequestParameterName),
-				request.getQueryString())) {
-			return false;
-		}
-		if (!propertyEquals(this.requestURI, request.getRequestURI())) {
-			return false;
-		}
-		if (!"GET".equals(request.getMethod()) && "GET".equals(this.method)) {
-			// A save GET should not match an incoming non-GET method
-			return false;
-		}
-		if (!propertyEquals(this.serverPort, portResolver.getServerPort(request))) {
-			return false;
-		}
-		if (!propertyEquals(this.requestURL, request.getRequestURL().toString())) {
-			return false;
-		}
-		if (!propertyEquals(this.scheme, request.getScheme())) {
-			return false;
-		}
-		if (!propertyEquals(this.serverName, request.getServerName())) {
-			return false;
-		}
-		if (!propertyEquals(this.contextPath, request.getContextPath())) {
-			return false;
-		}
-		return propertyEquals(this.servletPath, request.getServletPath());
-
-	}
-
 	public @Nullable String getContextPath() {
 		return this.contextPath;
 	}

web/src/main/java/org/springframework/security/web/savedrequest/HttpSessionRequestCache.java

@@ -24,8 +24,6 @@ import org.apache.commons.logging.LogFactory;
 import org.jspecify.annotations.Nullable;
 
 import org.springframework.core.log.LogMessage;
-import org.springframework.security.web.PortResolver;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -47,8 +45,6 @@ public class HttpSessionRequestCache implements RequestCache {
 
 	protected final Log logger = LogFactory.getLog(this.getClass());
 
-	private PortResolver portResolver = new PortResolverImpl();
-
 	private boolean createSessionAllowed = true;
 
 	private RequestMatcher requestMatcher = AnyRequestMatcher.INSTANCE;
@@ -74,8 +70,7 @@ public class HttpSessionRequestCache implements RequestCache {
 			// Store the HTTP request itself. Used by
 			// AbstractAuthenticationProcessingFilter
 			// for redirection after successful authentication (SEC-29)
-			DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, this.portResolver,
-					this.matchingRequestParameterName);
+			DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, this.matchingRequestParameterName);
 			request.getSession().setAttribute(this.sessionAttrName, savedRequest);
 			if (this.logger.isDebugEnabled()) {
 				this.logger.debug(LogMessage.format("Saved request %s to session", savedRequest.getRedirectUrl()));
@@ -134,10 +129,6 @@ public class HttpSessionRequestCache implements RequestCache {
 	}
 
 	private boolean matchesSavedRequest(HttpServletRequest request, SavedRequest savedRequest) {
-		if (savedRequest instanceof DefaultSavedRequest) {
-			DefaultSavedRequest defaultSavedRequest = (DefaultSavedRequest) savedRequest;
-			return defaultSavedRequest.doesRequestMatch(request, this.portResolver);
-		}
 		String currentUrl = UrlUtils.buildFullRequestUrl(request);
 		return savedRequest.getRedirectUrl().equals(currentUrl);
 	}
@@ -165,11 +156,6 @@ public class HttpSessionRequestCache implements RequestCache {
 		this.createSessionAllowed = createSessionAllowed;
 	}
 
-	@Deprecated(forRemoval = true)
-	public void setPortResolver(PortResolver portResolver) {
-		this.portResolver = portResolver;
-	}
-
 	/**
 	 * If the {@code sessionAttrName} property is set, the request is stored in the
 	 * session using this attribute name. Default is "SPRING_SECURITY_SAVED_REQUEST".

web/src/test/java/org/springframework/security/MockPortResolver.java

@@ -1,54 +0,0 @@
-/*
- * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security;
-
-import jakarta.servlet.ServletRequest;
-
-import org.springframework.security.web.PortResolver;
-
-/**
- * Always returns the constructor-specified HTTP and HTTPS ports.
- *
- * @author Ben Alex
- * @author nomoreFt
- * @deprecated
- */
-@Deprecated(forRemoval = true)
-public class MockPortResolver implements PortResolver {
-
-	private static final String HTTPS_SCHEME = "https";
-
-	private int http = 80;
-
-	private int https = 443;
-
-	public MockPortResolver(int http, int https) {
-		this.http = http;
-		this.https = https;
-	}
-
-	@Override
-	public int getServerPort(ServletRequest request) {
-		if (request.getScheme() != null && HTTPS_SCHEME.equals(request.getScheme())) {
-			return this.https;
-		}
-		else {
-			return this.http;
-		}
-	}
-
-}

web/src/test/java/org/springframework/security/web/PortResolverImplTests.java

@@ -1,74 +0,0 @@
-/*
- * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.web;
-
-import org.junit.jupiter.api.Test;
-
-import org.springframework.mock.web.MockHttpServletRequest;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
-
-/**
- * Tests {@link PortResolverImpl}.
- *
- * @author Ben Alex
- */
-public class PortResolverImplTests {
-
-	@Test
-	public void testDetectsBuggyIeHttpRequest() {
-		PortResolverImpl pr = new PortResolverImpl();
-		MockHttpServletRequest request = new MockHttpServletRequest();
-		request.setServerPort(8443);
-		request.setScheme("HTtP"); // proves case insensitive handling
-		assertThat(pr.getServerPort(request)).isEqualTo(8080);
-	}
-
-	@Test
-	public void testDetectsBuggyIeHttpsRequest() {
-		PortResolverImpl pr = new PortResolverImpl();
-		MockHttpServletRequest request = new MockHttpServletRequest();
-		request.setServerPort(8080);
-		request.setScheme("HTtPs"); // proves case insensitive handling
-		assertThat(pr.getServerPort(request)).isEqualTo(8443);
-	}
-
-	@Test
-	public void testDetectsEmptyPortMapper() {
-		PortResolverImpl pr = new PortResolverImpl();
-		assertThatIllegalArgumentException().isThrownBy(() -> pr.setPortMapper(null));
-	}
-
-	@Test
-	public void testGettersSetters() {
-		PortResolverImpl pr = new PortResolverImpl();
-		assertThat(pr.getPortMapper() != null).isTrue();
-		pr.setPortMapper(new PortMapperImpl());
-		assertThat(pr.getPortMapper() != null).isTrue();
-	}
-
-	@Test
-	public void testNormalOperation() {
-		PortResolverImpl pr = new PortResolverImpl();
-		MockHttpServletRequest request = new MockHttpServletRequest();
-		request.setScheme("http");
-		request.setServerPort(1021);
-		assertThat(pr.getServerPort(request)).isEqualTo(1021);
-	}
-
-}

web/src/test/java/org/springframework/security/web/access/ExceptionTranslationFilterTests.java

@@ -33,7 +33,6 @@ import org.springframework.context.MessageSource;
 import org.springframework.context.i18n.LocaleContextHolder;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockPortResolver;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
@@ -214,7 +213,6 @@ public class ExceptionTranslationFilterTests {
 		// Test
 		HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
 		ExceptionTranslationFilter filter = new ExceptionTranslationFilter(this.mockEntryPoint, requestCache);
-		requestCache.setPortResolver(new MockPortResolver(8080, 8443));
 		filter.afterPropertiesSet();
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		filter.doFilter(request, response, fc);

web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpEntryPointTests.java

@@ -23,10 +23,8 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockPortResolver;
 import org.springframework.security.web.PortMapper;
 import org.springframework.security.web.PortMapperImpl;
-import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.RedirectStrategy;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -46,23 +44,14 @@ public class RetryWithHttpEntryPointTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortMapper(null));
 	}
 
-	@Test
-	public void testDetectsMissingPortResolver() {
-		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
-		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortResolver(null));
-	}
-
 	@Test
 	public void testGettersSetters() {
 		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
 		PortMapper portMapper = mock(PortMapper.class);
-		PortResolver portResolver = mock(PortResolver.class);
 		RedirectStrategy redirector = mock(RedirectStrategy.class);
 		ep.setPortMapper(portMapper);
-		ep.setPortResolver(portResolver);
 		ep.setRedirectStrategy(redirector);
 		assertThat(ep.getPortMapper()).isSameAs(portMapper);
-		assertThat(ep.getPortResolver()).isSameAs(portResolver);
 		assertThat(ep.getRedirectStrategy()).isSameAs(redirector);
 	}
 
@@ -76,7 +65,6 @@ public class RetryWithHttpEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/bigWebApp/hello/pathInfo.html?open=true");
 	}
@@ -90,7 +78,6 @@ public class RetryWithHttpEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl()).isEqualTo("http://localhost/bigWebApp/hello");
 	}
@@ -105,7 +92,6 @@ public class RetryWithHttpEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(8768, 1234));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp?open=true");
 	}
@@ -123,7 +109,6 @@ public class RetryWithHttpEntryPointTests {
 		map.put("8888", "9999");
 		portMapper.setPortMappings(map);
 		RetryWithHttpEntryPoint ep = new RetryWithHttpEntryPoint();
-		ep.setPortResolver(new MockPortResolver(8888, 9999));
 		ep.setPortMapper(portMapper);
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl())

web/src/test/java/org/springframework/security/web/access/channel/RetryWithHttpsEntryPointTests.java

@@ -23,7 +23,6 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockPortResolver;
 import org.springframework.security.web.PortMapperImpl;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -42,19 +41,11 @@ public class RetryWithHttpsEntryPointTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortMapper(null));
 	}
 
-	@Test
-	public void testDetectsMissingPortResolver() {
-		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
-		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortResolver(null));
-	}
-
 	@Test
 	public void testGettersSetters() {
 		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		assertThat(ep.getPortMapper() != null).isTrue();
-		assertThat(ep.getPortResolver() != null).isTrue();
 	}
 
 	@Test
@@ -67,7 +58,6 @@ public class RetryWithHttpsEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl())
 			.isEqualTo("https://www.example.com/bigWebApp/hello/pathInfo.html?open=true");
@@ -82,7 +72,6 @@ public class RetryWithHttpsEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com/bigWebApp/hello");
 	}
@@ -97,7 +86,6 @@ public class RetryWithHttpsEntryPointTests {
 		MockHttpServletResponse response = new MockHttpServletResponse();
 		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(8768, 1234));
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp?open=true");
 	}
@@ -115,7 +103,6 @@ public class RetryWithHttpsEntryPointTests {
 		map.put("8888", "9999");
 		portMapper.setPortMappings(map);
 		RetryWithHttpsEntryPoint ep = new RetryWithHttpsEntryPoint();
-		ep.setPortResolver(new MockPortResolver(8888, 9999));
 		ep.setPortMapper(portMapper);
 		ep.commence(request, response);
 		assertThat(response.getRedirectedUrl())

web/src/test/java/org/springframework/security/web/authentication/LoginUrlAuthenticationEntryPointTests.java

@@ -23,7 +23,6 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.MockPortResolver;
 import org.springframework.security.web.PortMapperImpl;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -49,20 +48,12 @@ public class LoginUrlAuthenticationEntryPointTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortMapper(null));
 	}
 
-	@Test
-	public void testDetectsMissingPortResolver() {
-		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/login");
-		assertThatIllegalArgumentException().isThrownBy(() -> ep.setPortResolver(null));
-	}
-
 	@Test
 	public void testGettersSetters() {
 		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		assertThat(ep.getLoginFormUrl()).isEqualTo("/hello");
 		assertThat(ep.getPortMapper() != null).isTrue();
-		assertThat(ep.getPortResolver() != null).isTrue();
 		ep.setForceHttps(false);
 		assertThat(ep.isForceHttps()).isFalse();
 		ep.setForceHttps(true);
@@ -76,34 +67,33 @@ public class LoginUrlAuthenticationEntryPointTests {
 	public void testHttpsOperationFromOriginalHttpUrl() throws Exception {
 		MockHttpServletRequest request = get("http://127.0.0.1").requestUri("/bigWebApp", "/some_path", null).build();
 		MockHttpServletResponse response = new MockHttpServletResponse();
+		PortMapperImpl portMapper = new PortMapperImpl();
 		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
-		ep.setPortMapper(new PortMapperImpl());
+		ep.setPortMapper(portMapper);
 		ep.setForceHttps(true);
-		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.afterPropertiesSet();
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://127.0.0.1/bigWebApp/hello");
 		request.setServerPort(8080);
 		response = new MockHttpServletResponse();
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://127.0.0.1:8443/bigWebApp/hello");
 		// Now test an unusual custom HTTP:HTTPS is handled properly
 		request.setServerPort(8888);
+		portMapper.getTranslatedPortMappings().put(8888, 8443);
 		response = new MockHttpServletResponse();
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://127.0.0.1:8443/bigWebApp/hello");
-		PortMapperImpl portMapper = new PortMapperImpl();
+		portMapper = new PortMapperImpl();
 		Map<String, String> map = new HashMap<>();
 		map.put("8888", "9999");
 		portMapper.setPortMappings(map);
+		ep.setPortMapper(portMapper);
 		response = new MockHttpServletResponse();
 		ep = new LoginUrlAuthenticationEntryPoint("/hello");
 		ep.setPortMapper(new PortMapperImpl());
 		ep.setForceHttps(true);
 		ep.setPortMapper(portMapper);
-		ep.setPortResolver(new MockPortResolver(8888, 9999));
 		ep.afterPropertiesSet();
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://127.0.0.1:9999/bigWebApp/hello");
@@ -118,19 +108,16 @@ public class LoginUrlAuthenticationEntryPointTests {
 		ep.setPortMapper(new PortMapperImpl());
 		ep.setForceHttps(true);
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.afterPropertiesSet();
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com/bigWebApp/hello");
 		request.setServerPort(8443);
 		response = new MockHttpServletResponse();
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com:8443/bigWebApp/hello");
 		// access to https via http port
 		request.setServerPort(8080);
 		response = new MockHttpServletResponse();
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("https://www.example.com:8443/bigWebApp/hello");
 	}
@@ -139,7 +126,6 @@ public class LoginUrlAuthenticationEntryPointTests {
 	public void testNormalOperation() throws Exception {
 		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.afterPropertiesSet();
 		MockHttpServletRequest request = get().requestUri("/bigWebApp", "/some_path", null).build();
 		MockHttpServletResponse response = new MockHttpServletResponse();
@@ -150,7 +136,6 @@ public class LoginUrlAuthenticationEntryPointTests {
 	@Test
 	public void testOperationWhenHttpsRequestsButHttpsPortUnknown() throws Exception {
 		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
-		ep.setPortResolver(new MockPortResolver(8888, 1234));
 		ep.setForceHttps(true);
 		ep.afterPropertiesSet();
 		MockHttpServletRequest request = get("http://localhost:8888").requestUri("/bigWebApp", "/some_path", null)
@@ -218,19 +203,16 @@ public class LoginUrlAuthenticationEntryPointTests {
 		ep.setPortMapper(new PortMapperImpl());
 		ep.setForceHttps(true);
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.afterPropertiesSet();
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
 		request.setServerPort(8443);
 		response = new MockHttpServletResponse();
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
 		// access to https via http port
 		request.setServerPort(8080);
 		response = new MockHttpServletResponse();
-		ep.setPortResolver(new MockPortResolver(8080, 8443));
 		ep.commence(request, response, null);
 		assertThat(response.getRedirectedUrl()).isEqualTo("/bigWebApp/hello");
 	}
@@ -240,7 +222,6 @@ public class LoginUrlAuthenticationEntryPointTests {
 		LoginUrlAuthenticationEntryPoint ep = new LoginUrlAuthenticationEntryPoint("/hello");
 		ep.setFavorRelativeUris(true);
 		ep.setPortMapper(new PortMapperImpl());
-		ep.setPortResolver(new MockPortResolver(80, 443));
 		ep.afterPropertiesSet();
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setRequestURI("/some_path");

web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java

@@ -28,9 +28,9 @@ import org.junit.jupiter.api.Test;
 import org.skyscreamer.jsonassert.JSONAssert;
 
 import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.savedrequest.DefaultSavedRequest;
 import org.springframework.security.web.savedrequest.SavedCookie;
+import org.springframework.security.web.util.UrlUtils;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -107,7 +107,8 @@ public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
 		MockHttpServletRequest mockRequest = new MockHttpServletRequest();
 		mockRequest.setCookies(new Cookie("SESSION", "123456789"));
 		mockRequest.addHeader("x-auth-token", "12");
-		assertThat(request.doesRequestMatch(mockRequest, new PortResolverImpl())).isTrue();
+		String currentUrl = UrlUtils.buildFullRequestUrl(mockRequest);
+		assertThat(request.getRedirectUrl().equals(currentUrl)).isTrue();
 	}
 
 	@Test
@@ -123,7 +124,7 @@ public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
 			}
 		};
 		String actualString = this.mapper.writerWithDefaultPrettyPrinter()
-			.writeValueAsString(new DefaultSavedRequest(requestToWrite, new PortResolverImpl()));
+			.writeValueAsString(new DefaultSavedRequest(requestToWrite));
 		JSONAssert.assertEquals(REQUEST_JSON, actualString, true);
 	}
 

web/src/test/java/org/springframework/security/web/savedrequest/DefaultSavedRequestTests.java

@@ -21,7 +21,6 @@ import java.net.URL;
 import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.security.MockPortResolver;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -35,7 +34,7 @@ public class DefaultSavedRequestTests {
 	public void headersAreCaseInsensitive() {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.addHeader("USER-aGenT", "Mozilla");
-		DefaultSavedRequest saved = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443));
+		DefaultSavedRequest saved = new DefaultSavedRequest(request);
 		assertThat(saved.getHeaderValues("user-agent").get(0)).isEqualTo("Mozilla");
 	}
 
@@ -44,7 +43,7 @@ public class DefaultSavedRequestTests {
 	public void discardsIfNoneMatchHeader() {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.addHeader("If-None-Match", "somehashvalue");
-		DefaultSavedRequest saved = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443));
+		DefaultSavedRequest saved = new DefaultSavedRequest(request);
 		assertThat(saved.getHeaderValues("if-none-match")).isEmpty();
 	}
 
@@ -54,15 +53,14 @@ public class DefaultSavedRequestTests {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.addParameter("AnotHerTest", "Hi dad");
 		request.addParameter("thisisatest", "Hi mom");
-		DefaultSavedRequest saved = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443));
+		DefaultSavedRequest saved = new DefaultSavedRequest(request);
 		assertThat(saved.getParameterValues("thisisatest")[0]).isEqualTo("Hi mom");
 		assertThat(saved.getParameterValues("anothertest")).isNull();
 	}
 
 	@Test
 	public void getRedirectUrlWhenNoQueryAndDefaultMatchingRequestParameterNameThenNoQuery() throws Exception {
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest(),
-				new MockPortResolver(8080, 8443));
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest());
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasNoQuery();
 	}
@@ -71,23 +69,21 @@ public class DefaultSavedRequestTests {
 	public void getRedirectUrlWhenQueryAndDefaultMatchingRequestParameterNameNullThenNoQuery() throws Exception {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setQueryString("foo=bar");
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443), null);
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request);
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasQuery("foo=bar");
 	}
 
 	@Test
 	public void getRedirectUrlWhenNoQueryAndNullMatchingRequestParameterNameThenNoQuery() throws Exception {
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest(),
-				new MockPortResolver(8080, 8443), null);
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest());
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasNoQuery();
 	}
 
 	@Test
 	public void getRedirectUrlWhenNoQueryAndMatchingRequestParameterNameThenQuery() throws Exception {
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest(),
-				new MockPortResolver(8080, 8443), "success");
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(new MockHttpServletRequest(), "success");
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasQuery("success");
 	}
@@ -96,8 +92,7 @@ public class DefaultSavedRequestTests {
 	public void getRedirectUrlWhenQueryEmptyAndMatchingRequestParameterNameThenQuery() throws Exception {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setQueryString("");
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443),
-				"success");
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, "success");
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasQuery("success");
 	}
@@ -106,8 +101,7 @@ public class DefaultSavedRequestTests {
 	public void getRedirectUrlWhenQueryEndsAmpersandAndMatchingRequestParameterNameThenQuery() throws Exception {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setQueryString("foo=bar&");
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443),
-				"success");
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, "success");
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasQuery("foo=bar&success");
 	}
@@ -116,8 +110,7 @@ public class DefaultSavedRequestTests {
 	public void getRedirectUrlWhenQueryDoesNotEndAmpersandAndMatchingRequestParameterNameThenQuery() throws Exception {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setQueryString("foo=bar");
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443),
-				"success");
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, "success");
 		assertThat(savedRequest.getParameterMap()).doesNotContainKey("success");
 		assertThat(new URL(savedRequest.getRedirectUrl())).hasQuery("foo=bar&success");
 	}
@@ -127,8 +120,7 @@ public class DefaultSavedRequestTests {
 	public void getRedirectUrlWhenQueryAlreadyHasSuccessThenDoesNotAdd() throws Exception {
 		MockHttpServletRequest request = new MockHttpServletRequest();
 		request.setQueryString("foo=bar&success");
-		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, new MockPortResolver(8080, 8443),
-				"success");
+		DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, "success");
 		assertThat(savedRequest.getRedirectUrl()).contains("foo=bar&success");
 	}
 

web/src/test/java/org/springframework/security/web/savedrequest/HttpSessionRequestCacheTests.java

@@ -28,7 +28,6 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.security.web.PortResolverImpl;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.ArgumentMatchers.anyBoolean;
@@ -78,8 +77,7 @@ public class HttpSessionRequestCacheTests {
 			@Override
 			public void saveRequest(HttpServletRequest request, HttpServletResponse response) {
 				request.getSession()
-					.setAttribute(SAVED_REQUEST,
-							new CustomSavedRequest(new DefaultSavedRequest(request, new PortResolverImpl())));
+					.setAttribute(SAVED_REQUEST, new CustomSavedRequest(new DefaultSavedRequest(request)));
 			}
 		};
 		cache.saveRequest(request, response);

web/src/test/java/org/springframework/security/web/savedrequest/SavedRequestAwareWrapperTests.java

@@ -26,7 +26,6 @@ import org.junit.jupiter.api.Test;
 
 import org.springframework.http.MediaType;
 import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.security.web.PortResolverImpl;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
@@ -35,7 +34,7 @@ public class SavedRequestAwareWrapperTests {
 
 	private SavedRequestAwareWrapper createWrapper(MockHttpServletRequest requestToSave,
 			MockHttpServletRequest requestToWrap) {
-		DefaultSavedRequest saved = new DefaultSavedRequest(requestToSave, new PortResolverImpl());
+		DefaultSavedRequest saved = new DefaultSavedRequest(requestToSave);
 		return new SavedRequestAwareWrapper(saved, requestToWrap);
 	}