Remove Java security context serialization (#2677)

Remove Java security context serialization - it is replaced by JSON security context serialization (optimized as size). Backward incompatible change.
Java security context serialization was not used in default hawkbit runtime out of the box. So, it's assumed none uses it. 
Anyway, if anyone has enabled it, he could, in order to keep backward compatibility, get the java security context serialization from the previous hawkbit releases/commits and register it again as a spring bean in his hawkbit extension.

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2025-09-18 14:46:51 +03:00
committed by GitHub
parent 4444fc92bc
commit 7980b5defb
11 changed files with 66 additions and 107 deletions

View File

@@ -0,0 +1,25 @@
/**
* Copyright (c) 2025 Contributors to the Eclipse Foundation
*
* This program and the accompanying materials are made
* available under the terms of the Eclipse Public License 2.0
* which is available at https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*/
package org.eclipse.hawkbit.repository.jpa.acm;
import org.eclipse.hawkbit.security.SecurityContextSerializer;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
class AcmTestConfiguration {
@Bean
@ConditionalOnMissingBean
SecurityContextSerializer securityContextSerializer() {
return SecurityContextSerializer.JSON_SERIALIZATION;
}
}

View File

@@ -37,11 +37,13 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.test.context.ContextConfiguration;
/**
* Feature: Component Tests - Context runner<br/>
* Story: Test Context Runner
*/
@ContextConfiguration(classes = { AcmTestConfiguration.class })
class ContextAwareTest extends AbstractJpaIntegrationTest {
private static final List<String> AUTHORITIES = SpPermission.getAllAuthorities();

View File

@@ -49,7 +49,7 @@ import org.springframework.test.context.ContextConfiguration;
* Feature: Component Tests - Access Control<br/>
* Story: Test Target Access Controller
*/
@ContextConfiguration(classes = { DefaultAccessControllerConfiguration.class })
@ContextConfiguration(classes = { DefaultAccessControllerConfiguration.class, AcmTestConfiguration.class })
class TargetAccessControllerTest extends AbstractJpaIntegrationTest {
@Autowired

View File

@@ -47,6 +47,7 @@ import org.eclipse.hawkbit.tenancy.configuration.ControllerPollProperties;
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties;
import org.springframework.aop.interceptor.AsyncUncaughtExceptionHandler;
import org.springframework.aop.interceptor.SimpleAsyncUncaughtExceptionHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cache.caffeine.CaffeineCacheManager;
@@ -144,11 +145,6 @@ public class TestConfiguration implements AsyncConfigurer {
return (tenant, username) -> Collections.emptyList();
}
@Bean
SecurityContextSerializer securityContextSerializer() {
return SecurityContextSerializer.JSON_SERIALIZATION;
}
@Bean
TenantResolver tenantResolver() {
return new DefaultTenantResolver();
@@ -156,7 +152,8 @@ public class TestConfiguration implements AsyncConfigurer {
@Bean
ContextAware contextAware(
final UserAuthoritiesResolver authoritiesResolver, final SecurityContextSerializer securityContextSerializer,
final UserAuthoritiesResolver authoritiesResolver,
@Autowired(required = false) final SecurityContextSerializer securityContextSerializer,
final TenantResolver tenantResolver) {
// allow spying the security context
return org.mockito.Mockito.spy(new SecurityContextTenantAware(authoritiesResolver, securityContextSerializer, tenantResolver));