12 years ago · 2fef79f3d2
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
@@ -36,6 +36,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi
 
				 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
			
 
				 import org.springframework.security.web.authentication.www.DigestAuthenticationFilter;
			
 
				 import org.springframework.security.web.context.SecurityContextPersistenceFilter;
			
 
				+import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
			
 
				 import org.springframework.security.web.header.HeaderWriterFilter;
			
 
				 import org.springframework.security.web.jaasapi.JaasApiIntegrationFilter;
			
 
				 import org.springframework.security.web.savedrequest.RequestCacheAwareFilter;
			
@@ -62,6 +63,8 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
 
				         order += STEP;
			
 
				         put(ConcurrentSessionFilter.class, order);
			
 
				         order += STEP;
			
 
				+        put(WebAsyncManagerIntegrationFilter.class, order);
			
 
				+        order += STEP;
			
 
				         put(SecurityContextPersistenceFilter.class, order);
			
 
				         order += STEP;
			
 
				         put(HeaderWriterFilter.class, order);
			
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
@@ -39,6 +39,7 @@ import org.springframework.security.core.userdetails.UserDetails;
 
				 import org.springframework.security.core.userdetails.UserDetailsService;
			
 
				 import org.springframework.security.core.userdetails.UsernameNotFoundException;
			
 
				 import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
			
 
				+import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
			
 
				 import org.springframework.web.accept.ContentNegotiationStrategy;
			
 
				 import org.springframework.web.accept.HeaderContentNegotiationStrategy;
			
 
				 
			
@@ -154,6 +155,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
 
				         http.setSharedObject(ContentNegotiationStrategy.class, contentNegotiationStrategy);
			
 
				         if(!disableDefaults) {
			
 
				             http
			
 
				+                .addFilter(new WebAsyncManagerIntegrationFilter())
			
 
				                 .exceptionHandling().and()
			
 
				                 .headers().and()
			
 
				                 .sessionManagement().and()
			
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTests.groovy
@@ -41,6 +41,7 @@ import org.springframework.security.core.Authentication
 
				 import org.springframework.security.core.userdetails.UserDetailsService
			
 
				 import org.springframework.security.core.userdetails.UsernameNotFoundException
			
 
				 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
			
 
				+import org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter;
			
 
				 import org.springframework.web.accept.ContentNegotiationStrategy
			
 
				 import org.springframework.web.accept.HeaderContentNegotiationStrategy
			
 
				 import org.springframework.web.filter.OncePerRequestFilter
			
@@ -99,6 +100,31 @@ class WebSecurityConfigurerAdapterTests extends BaseSpringSpec {
 
				         }
			
 
				     }
			
 
				 
			
 
				+    def "webasync populated by default"() {
			
 
				+        when: "load config that overrides http and accepts defaults"
			
 
				+            loadConfig(WebAsyncPopulatedByDefaultConfig)
			
 
				+        then: "WebAsyncManagerIntegrationFilter is populated"
			
 
				+            findFilter(WebAsyncManagerIntegrationFilter)
			
 
				+    }
			
 
				+
			
 
				+    @EnableWebSecurity
			
 
				+    @Configuration
			
 
				+    static class WebAsyncPopulatedByDefaultConfig extends WebSecurityConfigurerAdapter {
			
 
				+
			
 
				+        @Override
			
 
				+        protected void registerAuthentication(AuthenticationManagerBuilder auth)
			
 
				+                throws Exception {
			
 
				+            auth
			
 
				+                .inMemoryAuthentication()
			
 
				+                    .withUser("user").password("password").roles("USER")
			
 
				+        }
			
 
				+
			
 
				+        @Override
			
 
				+        protected void configure(HttpSecurity http) throws Exception {
			
 
				+
			
 
				+        }
			
 
				+    }
			
 
				+
			
 
				     def "AuthenticationEventPublisher is registered for Web registerAuthentication"() {
			
 
				         when:
			
 
				             loadConfig(InMemoryAuthWithWebSecurityConfigurerAdapter)