Summary

The tests that are written in Groovy are very convenient and easy to read, but place an unnecessary burden on contributors unfamiliar with Groovy. We should migrate the Groovy tests to Java.

For the samples using Geb, take a look at https://github.com/spring-projects/spring-security/tree/b9152701a65df5b3fa78fe4bd2a946018f9ca352/samples/javaconfig/webflux-form/src/integration-test/java/sample

The following commits in Spring Session might be useful as well

https://github.com/spring-projects/spring-session/commit/1a318b89d907d01d80c9ba1b7c6ac99ca3cc3753

and

https://github.com/spring-projects/spring-session/commit/8e7c736a0aef27eda21371eaf7a237498098dcad

Anyone taking on this task I'd encourage them to break it up into multiple PRs that migrate smaller portions at a time (i.e. a sample or a package) and include

Migrate <what is migrated> groovy->java

(optional additional details)

Issue: gh-4939

I'd also encourage contributors to comment on this issue to state which piece they are going to start working on migrating. This will allow multiple people to help tackle this large issue and avoid duplicating efforts.

Comment From: michael-simons

Next: xml-jaas

Comment From: michael-simons

Next: javaconfig-form

Comment From: adolfoweloy

Migrate UserDetailsManagerConfigurerTests test groovy->java from security-config #4949

Comment From: michael-simons

Next: javaconfig-jdbc

Comment From: michael-simons

I will have the rest of the samples ready by the end of the weekend. One question though: There are more Groovy tests, also dedicated to tickets and stuff. Do you want to migrate them as well?

Comment From: rwinch

@michael-simons Thank you for your continued efforts. We would like to migrate all Groovy within Spring Security to Java. When looking at the spring-security-java-config classes, I'd take a look at using SpringTestRule (example usage)

Does that help?

Comment From: michael-simons

Yep, that was the question. Thanks.

Comment From: rwinch

@michael-simons Awesome. I think you were too quick for my edits so as an FYI I added a little more information above. Thanks again for your help!

Comment From: rwinch

I'm starting on config/src/test/groovy/org/springframework/security/config/annotation/authentication

Comment From: jgrandja

I'm starting on /config/src/test/groovy/org/springframework/security/config/annotation/web

including org.springframework.security.config.annotation.BaseSpringSpec given that a lot of tests extend from this one

Comment From: rwinch

I'm starting on config/src/test/groovy/org/springframework/security/config/annotation/configuration

Comment From: rwinch

I'm starting on config/src/test/groovy/org/springframework/security/config/annotation/issue50

Comment From: rwinch

I'm starting on config/src/test/groovy/org/springframework/security/config/annotation/method/configuration

Comment From: jgrandja

I'm starting on org.springframework.security.config.annotation.web.builders

Comment From: jzheaux

I'm starting on org.springframework.security.config.annotation.web.configuration.sec2377

Comment From: jzheaux

Starting on org.springframework.security.config.annotation.web.configurers.AnonymousConfigurerTests (not reserving the entire package, due to size)

Comment From: jzheaux

Started on org.springframework.security.config.annotation.web.configurers.PortMapperConfigurerTests.

Comment From: jzheaux

I'm starting on org.springframework.security.config.debug

Comment From: jzheaux

I'm starting on org.springframework.security.config.annotation.method.configuration

Comment From: jgrandja

I'm taking on the remaining tests in org.springframework.security.config.annotation.web.configuration

Comment From: jzheaux

I'm taking org.springframework.security.config.annotation.sec2758

Comment From: jzheaux

I'm taking org.springframework.security.config.websocket. @rwinch, I haven't played around with web sockets and Spring Security before, so let me know if there is anything I should be aware of.

Comment From: jzheaux

I'm taking org.springframework.security.config.doc.

Comment From: jzheaux

I'm taking org.springframework.security.config.http.AccessDeniedConfigTests. Not reserving the entire package since there are about a dozen classes in it.

Comment From: jzheaux

Upon further review, I am going to take the entire package org.springframework.security.config.http. Wish me luck.

Comment From: michael-simons

There’ll be dragons. Take care. :)

Comment From: jzheaux

I'm taking the org.springframework.security.config.annotation.web.configurers.Namespace* tests.

Comment From: kostya05983

@jzheaux , I will try to migrate org.springframework.security.config.annotation.web.configurers tests

Comment From: ghostd

Next: integration tests for the LDAP management

Comment From: jzheaux

I'm taking the cas sample.

Comment From: jzheaux

I'm starting on org.springframework.security.web.context.AbstractSecurityWebApplicationInitializerTests (last one!)