5 ماه پیش · ab52fd858a
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManager.java
@@ -23,12 +23,16 @@ import jakarta.servlet.ServletException;
 
				 
			
 
				 import org.springframework.security.access.ConfigAttribute;
			
 
				 import org.springframework.security.web.FilterInvocation;
			
 
				+import org.springframework.security.web.util.matcher.RequestMatcher;
			
 
				 
			
 
				 /**
			
 
				  * Decides whether a web channel provides sufficient security.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated no replacement is planned, though consider using a custom
			
 
				+ * {@link RequestMatcher} for any sophisticated decision-making
			
 
				  */
			
 
				+@Deprecated
			
 
				 public interface ChannelDecisionManager {
			
 
				 
			
 
				 	/**
			
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelDecisionManagerImpl.java
@@ -26,6 +26,7 @@ import jakarta.servlet.ServletException;
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.security.access.ConfigAttribute;
			
 
				 import org.springframework.security.web.FilterInvocation;
			
 
				+import org.springframework.security.web.util.matcher.RequestMatcher;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
@@ -44,7 +45,10 @@ import org.springframework.util.Assert;
 
				  * channel processors will be skipped (see SEC-494, SEC-335).
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated no replacement is planned, though consider using a custom
			
 
				+ * {@link RequestMatcher} for any sophisticated decision-making
			
 
				  */
			
 
				+@Deprecated
			
 
				 public class ChannelDecisionManagerImpl implements ChannelDecisionManager, InitializingBean {
			
 
				 
			
 
				 	public static final String ANY_CHANNEL = "ANY_CHANNEL";
			
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessingFilter.java
@@ -83,7 +83,9 @@ import org.springframework.web.filter.GenericFilterBean;
 
				  * over HTTPS.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated see {@link org.springframework.security.web.transport.HttpsRedirectFilter}
			
 
				  */
			
 
				+@Deprecated
			
 
				 public class ChannelProcessingFilter extends GenericFilterBean {
			
 
				 
			
 
				 	private ChannelDecisionManager channelDecisionManager;
			
--- a/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/ChannelProcessor.java
@@ -23,6 +23,7 @@ import jakarta.servlet.ServletException;
 
				 
			
 
				 import org.springframework.security.access.ConfigAttribute;
			
 
				 import org.springframework.security.web.FilterInvocation;
			
 
				+import org.springframework.security.web.util.matcher.RequestMatcher;
			
 
				 
			
 
				 /**
			
 
				  * Decides whether a web channel meets a specific security condition.
			
@@ -34,7 +35,10 @@ import org.springframework.security.web.FilterInvocation;
 
				  * themselves. The callers of the implementation do not take any action.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated no replacement is planned, though consider using a custom
			
 
				+ * {@link RequestMatcher} for any sophisticated decision-making
			
 
				  */
			
 
				+@Deprecated
			
 
				 public interface ChannelProcessor {
			
 
				 
			
 
				 	/**
			
--- a/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/InsecureChannelProcessor.java
@@ -24,6 +24,7 @@ import jakarta.servlet.ServletException;
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.security.access.ConfigAttribute;
			
 
				 import org.springframework.security.web.FilterInvocation;
			
 
				+import org.springframework.security.web.util.matcher.RequestMatcher;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
@@ -39,7 +40,10 @@ import org.springframework.util.Assert;
 
				  * The default <code>insecureKeyword</code> is <code>REQUIRES_INSECURE_CHANNEL</code>.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated no replacement is planned, though consider using a custom
			
 
				+ * {@link RequestMatcher} for any sophisticated decision-making
			
 
				  */
			
 
				+@Deprecated
			
 
				 public class InsecureChannelProcessor implements InitializingBean, ChannelProcessor {
			
 
				 
			
 
				 	private ChannelEntryPoint entryPoint = new RetryWithHttpEntryPoint();
			
--- a/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java
+++ b/web/src/main/java/org/springframework/security/web/access/channel/SecureChannelProcessor.java
@@ -24,6 +24,7 @@ import jakarta.servlet.ServletException;
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.security.access.ConfigAttribute;
			
 
				 import org.springframework.security.web.FilterInvocation;
			
 
				+import org.springframework.security.web.util.matcher.RequestMatcher;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
@@ -39,7 +40,10 @@ import org.springframework.util.Assert;
 
				  * The default <code>secureKeyword</code> is <code>REQUIRES_SECURE_CHANNEL</code>.
			
 
				  *
			
 
				  * @author Ben Alex
			
 
				+ * @deprecated no replacement is planned, though consider using a custom
			
 
				+ * {@link RequestMatcher} for any sophisticated decision-making
			
 
				  */
			
 
				+@Deprecated
			
 
				 public class SecureChannelProcessor implements InitializingBean, ChannelProcessor {
			
 
				 
			
 
				 	private ChannelEntryPoint entryPoint = new RetryWithHttpsEntryPoint();