The new changes added via #14128 introduced a BeanDefinitionRegistryPostProcessor that, among other things, register a HandlerMappingIntrospectorRequestTransformer bean.
The problem arises from the fact that the BeanFactoryPostProcessors are invoked during AOT processing and once more at runtime, leading to a duplicate bean exception.
Usually org.springframework.beans.factory.config.BeanFactoryPostProcessor beans are excluded since they have contributed their bean definitions code generated during AOT build phase.
Related: - https://github.com/spring-projects/spring-framework/issues/30411 - https://github.com/spring-projects/spring-framework/issues/29484
Comment From: mraible
@marcusdacoregio Do you know if this fix will be included in a release of Spring Boot before January 16? I'm trying to decide if I should use Spring Boot 3.2.0 or wait for 3.2.2 for a presentation I'm doing on that date.
Comment From: marcusdacoregio
Hi, @mraible. Unfortunately no, this will be included in the next patch releases that will occur on February 19th and will probably be picked up by Spring Boot 3.2.3 in February 21st. An alternative is to use Spring Boot 3.2.2 and override the Spring Security version to use a SNAPSHOT.
Comment From: theotherp
Unfortunately this doesn't work for me. spring-security-config-6.3.0-20240110.101431-124 does not contain the changes from https://github.com/spring-projects/spring-security/commit/8a93178da712867420e0fbe01eeaa8e82f33a3f2.