Working around spring-projects/spring-framework#33789

apache · Nov 8, 2024 · cd601aa · cd601aa
1 parent 6ff0b88
commit cd601aa
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/sra/src/main/java/org/apache/syncope/sra/SecurityConfig.java b/sra/src/main/java/org/apache/syncope/sra/SecurityConfig.java
@@ -49,11 +49,14 @@
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.core.io.FileUrlResource;
 import org.springframework.core.io.support.ResourcePatternResolver;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
+import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
@@ -76,12 +79,34 @@
 import org.springframework.security.web.server.util.matcher.NegatedServerWebExchangeMatcher;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
+import org.springframework.web.server.WebFilter;
 import reactor.core.publisher.Mono;
 
 @EnableWebFluxSecurity
 @Configuration(proxyBeanMethods = false)
 public class SecurityConfig {
 
+    /**
+     * Workaround for https://github.com/spring-projects/spring-framework/issues/33789
+     *
+     * @return web filter with writable HTTP headers
+     */
+    @Bean
+    @Order(Ordered.HIGHEST_PRECEDENCE)
+    public WebFilter writeableHeaders() {
+        return (exchange, chain) -> {
+            HttpHeaders writeableHeaders = HttpHeaders.writableHttpHeaders(exchange.getRequest().getHeaders());
+            ServerHttpRequestDecorator writeableRequest = new ServerHttpRequestDecorator(exchange.getRequest()) {
+
+                @Override
+                public HttpHeaders getHeaders() {
+                    return writeableHeaders;
+                }
+            };
+            return chain.filter(exchange.mutate().request(writeableRequest).build());
+        };
+    }
+
     @Bean
     @Order(0)
     @ConditionalOnProperty(prefix = SRAProperties.PREFIX, name = SRAProperties.AM_TYPE, havingValue = "SAML2")