The Kotlin DSL should allow customizing the SecurityContext management. This functionality already exists on the Java DSL, see HttpSecurity#securityContext.

Comment From: nor-ek

You can assign me. Tell me if I understand correctly. There is missing SecurityContext in HttpSecurityDsl and we would like to add it? In the same way it's in Java HttpSecurity.

    public HttpSecurity securityContext(Customizer<SecurityContextConfigurer<HttpSecurity>> securityContextCustomizer)
            throws Exception {
        securityContextCustomizer.customize(getOrApply(new SecurityContextConfigurer<>()));
        return HttpSecurity.this;
    }

Comment From: eleftherias

Thanks for volunteering @nor-ek!

Your understanding is correct. You can take a look at HttpSecurityDsl#formLogin for an example of how to write this kind of method in the Kotlin DSL.

Comment From: eleftherias

@nor-ek Have you had the chance to look into this?

Comment From: nor-ek

@eleftherias sorry but not yet. I'm going to work on this over the weekend. By the way do you know from which branch/version should I start?

Comment From: eleftherias

Thanks @nor-ek! Good question, you should start with 5.7.x since that is our next feature release.

Comment From: nor-ek

Could you explain me how to check that? Moreover are you able to update this task?

Comment From: eleftherias

@nor-ek We are in a unique situation now because we are preparing for the 5.7.0 and 6.0.0 releases simultaneously.

Typically the main branch has the code for our next release, but currently the main branch has the code for the 6.0.0 release and the 5.7.x branch has the code for the 5.7.0 release.

To find out what the next release is you can check the milestones for this project.

I'm not going to add a milestone to this issue yet, since we're not sure when it will be completed.

Comment From: nor-ek

@eleftherias So here we go PR: https://github.com/spring-projects/spring-security/pull/11111. Let me know if there is something I can do better since it's my first that type PR.

Due to it's based on Java classes there are many deprecated methods. Not sure if you have some policy that new code shouldn't use deprecated methods. I think it can be done in future either for kotlin and java as kind of code improvement.

However I've questions: - do you have common Spring Security project formatting template for Intellij IDEA? - could you give me an advice how to run separate test class. Tests were stuck when I used command gradle :spring-security-config:test --tests org.springframework.security.config.web.servlet.SecurityContextDslTests but gradle :spring-security-config:test --tests org.springframework.security.config.web.servlet.* worked pretty well

Comment From: eleftherias

Closed via a3e7e54