Describe the bug I get info logs during application startup, that a couple of Beans are not eligible for getting processed by all BeanPostProcessors. I am using Spring Boot 2.2.6.RELEASE. I thought, this was Spring Boot concerned, so I already created a ticket there but got sent over here. Link to the Spring Boot issue.

2020-04-17 12:42:56.720  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration' of type [org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.726  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'objectPostProcessor' of type [org.springframework.security.config.annotation.configuration.AutowireBeanFactoryObjectPostProcessor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.729  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler@55b8dbda' of type [org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.736  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration' of type [org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.743  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.security.config.annotation.method.configuration.Jsr250MetadataSourceConfiguration' of type [org.springframework.security.config.annotation.method.configuration.Jsr250MetadataSourceConfiguration] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.744  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'jsr250MethodSecurityMetadataSource' of type [org.springframework.security.access.annotation.Jsr250MethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2020-04-17 12:42:56.746  INFO 9051 --- [           main] trationDelegate$BeanPostProcessorChecker : Bean 'methodSecurityMetadataSource' of type [org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)

Since this leads to proxying problems, some method level security annotations are being ignored, which leads to unsecured endpoints at runtime. However I think that seeing this logs messages at application start is already a bug, since there shouldn't be any problems with BeanPostProcessors, because nothing custom is defined.

To Reproduce Use @EnableGloabeMethodSecurity and have spring-data-jpa in the project. When you then start your web applications, you get the before mentioned log messages.

Expected behavior I expect none of the before mentioned log messages at application start.

Sample

I created this minimal, reproducible sample which basically consists of nothing, but the @EnableGlobalMethodSecurity annotation and the needed dependencies.

Comment From: rwinch

Thanks for the report. I think there are two issues here. I don't believe these logs are directly related to beans you are creating not getting proxied. The logs are just informational since the configuration beans are not marked with ROLE_INFRASTRUCTURE.

Can you update the sample to demonstrate how your beans are not being proxied properly?

Comment From: Lyannic

While trying to create a sample for demonstration, it turned out, that there was a misunderstanding. There actually weren't any proxying problems.

Although the logs are informational, couldn't it happen, that at some time, proxying problems occur, because, as the logs say, some beans are not eligible for getting processed by all BeanPostProcessors?

Comment From: rwinch

Only the Configuration and Beans that are logged would be impacted. Would you be interested in creating a PR that adds @Role(BeanDefinition.ROLE_INFRASTRUCTURE) to the @Configuration and the @Bean definitions that were logged?

Comment From: Lyannic

Yes, I would be interested in that PR, but it could take some time, since I am quite busy at the moment.

Comment From: dadikovi

@Lyannic if you dont have time for this I could send a PR about it. (But I can keep searching for another issue if you want to work on this! :) )

Comment From: Lyannic

@dadikovi If you are looking for a PR and are interested in this one, you can go for it. I am not calling dibs on it :)

Comment From: dadikovi

Okay, thank you! :)