Fix tests using root cause for exception messages

Closes gh-11372

config/src/integration-test/java/org/springframework/security/config/ldap/EmbeddedLdapServerContextSourceFactoryBeanITests.java

@@ -77,7 +77,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 	public void contextSourceFactoryBeanWhenManagerDnAndNoPasswordThenException() {
 		assertThatExceptionOfType(UnsatisfiedDependencyException.class)
 				.isThrownBy(() -> this.spring.register(CustomManagerDnNoPasswordConfig.class).autowire())
-				.withRootCauseInstanceOf(IllegalStateException.class)
+				.havingRootCause().isInstanceOf(IllegalStateException.class)
 				.withMessageContaining("managerPassword is required if managerDn is supplied");
 	}
 

config/src/test/java/org/springframework/security/config/SecurityNamespaceHandlerTests.java

@@ -98,7 +98,7 @@ public class SecurityNamespaceHandlerTests {
 		expectClassUtilsForNameThrowsNoClassDefFoundError(className);
 		assertThatExceptionOfType(BeanDefinitionParsingException.class)
 				.isThrownBy(() -> new InMemoryXmlApplicationContext(XML_AUTHENTICATION_MANAGER + XML_HTTP_BLOCK))
-				.withMessageContaining("NoClassDefFoundError: " + className);
+				.havingRootCause().isInstanceOf(NoClassDefFoundError.class).withMessage(className);
 	}
 
 	@Test
@@ -115,7 +115,7 @@ public class SecurityNamespaceHandlerTests {
 		expectClassUtilsForNameThrowsClassNotFoundException(className);
 		assertThatExceptionOfType(BeanDefinitionParsingException.class)
 				.isThrownBy(() -> new InMemoryXmlApplicationContext(XML_AUTHENTICATION_MANAGER + XML_HTTP_BLOCK))
-				.withMessageContaining("ClassNotFoundException: " + className);
+				.havingRootCause().isInstanceOf(ClassNotFoundException.class).withMessage(className);
 	}
 
 	@Test

config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java

@@ -152,7 +152,7 @@ public class WebSecurityConfigurationTests {
 	@Test
 	public void loadConfigWhenWebSecurityConfigurersHaveSameOrderThenThrowBeanCreationException() {
 		assertThatExceptionOfType(BeanCreationException.class)
-				.isThrownBy(() -> this.spring.register(DuplicateOrderConfig.class).autowire())
+				.isThrownBy(() -> this.spring.register(DuplicateOrderConfig.class).autowire()).havingRootCause()
 				.withMessageContaining("@Order on WebSecurityConfigurers must be unique")
 				.withMessageContaining(DuplicateOrderConfig.WebConfigurer1.class.getName())
 				.withMessageContaining(DuplicateOrderConfig.WebConfigurer2.class.getName());

config/src/test/java/org/springframework/security/config/http/AccessDeniedConfigTests.java

@@ -56,8 +56,14 @@ public class AccessDeniedConfigTests {
 	@Test
 	public void configureWhenAccessDeniedHandlerIsMissingLeadingSlashThenException() {
 		SpringTestContext context = this.spring.configLocations(this.xml("NoLeadingSlash"));
-		assertThatExceptionOfType(BeanCreationException.class).isThrownBy(() -> context.autowire())
-				.withMessageContaining("errorPage must begin with '/'");
+		/*
+		 * NOTE: Original error message "errorPage must begin with '/'" no longer shows up
+		 * in stack trace as of Spring Framework 6.x.
+		 *
+		 * See https://github.com/spring-projects/spring-framework/issues/25162.
+		 */
+		assertThatExceptionOfType(BeanCreationException.class).isThrownBy(() -> context.autowire()).havingRootCause()
+				.withMessageContaining("Property 'errorPage' threw exception");
 	}
 
 	@Test

config/src/test/java/org/springframework/security/config/http/HttpCorsConfigTests.java

@@ -61,7 +61,7 @@ public class HttpCorsConfigTests {
 	@Test
 	public void autowireWhenMissingMvcThenGivesInformativeError() {
 		assertThatExceptionOfType(BeanCreationException.class)
-				.isThrownBy(() -> this.spring.configLocations(this.xml("RequiresMvc")).autowire())
+				.isThrownBy(() -> this.spring.configLocations(this.xml("RequiresMvc")).autowire()).havingRootCause()
 				.withMessageContaining(
 						"Please ensure Spring Security & Spring MVC are configured in a shared ApplicationContext");
 	}

config/src/test/java/org/springframework/security/config/http/HttpHeadersConfigTests.java

@@ -386,10 +386,16 @@ public class HttpHeadersConfigTests {
 
 	@Test
 	public void configureWhenXssProtectionDisabledAndBlockSetThenAutowireFails() {
+		/*
+		 * NOTE: Original error message "Cannot set block to true with enabled false" no
+		 * longer shows up in stack trace as of Spring Framework 6.x.
+		 *
+		 * See https://github.com/spring-projects/spring-framework/issues/25162.
+		 */
 		assertThatExceptionOfType(BeanCreationException.class)
 				.isThrownBy(() -> this.spring
 						.configLocations(this.xml("DefaultsDisabledWithXssProtectionDisabledAndBlockSet")).autowire())
-				.withMessageContaining("Cannot set block to true with enabled false");
+				.havingRootCause().withMessageContaining("Property 'block' threw exception");
 	}
 
 	@Test
@@ -445,14 +451,14 @@ public class HttpHeadersConfigTests {
 	public void configureWhenUsingHpkpWithoutPinsThenAutowireFails() {
 		assertThatExceptionOfType(XmlBeanDefinitionStoreException.class)
 				.isThrownBy(() -> this.spring.configLocations(this.xml("DefaultsDisabledWithEmptyHpkp")).autowire())
-				.withMessageContaining("The content of element 'hpkp' is not complete");
+				.havingRootCause().withMessageContaining("The content of element 'hpkp' is not complete");
 	}
 
 	@Test
 	public void configureWhenUsingHpkpWithEmptyPinsThenAutowireFails() {
 		assertThatExceptionOfType(XmlBeanDefinitionStoreException.class)
 				.isThrownBy(() -> this.spring.configLocations(this.xml("DefaultsDisabledWithEmptyPins")).autowire())
-				.withMessageContaining("The content of element 'pins' is not complete");
+				.havingRootCause().withMessageContaining("The content of element 'pins' is not complete");
 	}
 
 	@Test

itest/ldap/embedded-ldap-none/src/integration-test/java/org/springframework/security/LdapServerBeanDefinitionParserTests.java

@@ -43,7 +43,7 @@ public class LdapServerBeanDefinitionParserTests {
 	public void apacheDirectoryServerIsStartedByDefault() {
 		assertThatExceptionOfType(BeanDefinitionStoreException.class)
 				.isThrownBy(() -> this.context = new ClassPathXmlApplicationContext("applicationContext-security.xml"))
-				.withMessageContaining("Embedded LDAP server is not provided");
+				.havingRootCause().withMessageContaining("Embedded LDAP server is not provided");
 	}
 
 }

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationCodeTokenResponseClientTests.java

@@ -258,7 +258,7 @@ public class DefaultAuthorizationCodeTokenResponseClientTests {
 						.getTokenResponse(authorizationCodeGrantRequest(this.clientRegistration.build())))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test
@@ -274,7 +274,7 @@ public class DefaultAuthorizationCodeTokenResponseClientTests {
 						.getTokenResponse(authorizationCodeGrantRequest(this.clientRegistration.build())))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultClientCredentialsTokenResponseClientTests.java

@@ -269,7 +269,7 @@ public class DefaultClientCredentialsTokenResponseClientTests {
 				.isThrownBy(() -> this.tokenResponseClient.getTokenResponse(clientCredentialsGrantRequest))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test
@@ -282,7 +282,7 @@ public class DefaultClientCredentialsTokenResponseClientTests {
 				.isThrownBy(() -> this.tokenResponseClient.getTokenResponse(clientCredentialsGrantRequest))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultJwtBearerTokenResponseClientTests.java

@@ -182,7 +182,7 @@ public class DefaultJwtBearerTokenResponseClientTests {
 				.isThrownBy(() -> this.tokenResponseClient.getTokenResponse(jwtBearerGrantRequest))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultPasswordTokenResponseClientTests.java

@@ -245,7 +245,7 @@ public class DefaultPasswordTokenResponseClientTests {
 				.isThrownBy(() -> this.tokenResponseClient.getTokenResponse(passwordGrantRequest))
 				.withMessageContaining(
 						"[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultRefreshTokenTokenResponseClientTests.java

@@ -246,7 +246,7 @@ public class DefaultRefreshTokenTokenResponseClientTests {
 				.isThrownBy(() -> this.tokenResponseClient.getTokenResponse(refreshTokenGrantRequest))
 				.withMessageContaining("[invalid_token_response] An error occurred while attempting to "
 						+ "retrieve the OAuth 2.0 Access Token Response")
-				.withMessageContaining("tokenType cannot be null");
+				.havingRootCause().withMessageContaining("tokenType cannot be null");
 	}
 
 	@Test