Spring Security AbstractConfiguredSecurityBuilder::with(C configurer) overload, supplying Customizer.withDefaults()

Looking at 6.2.0-RC2, we have this new method, which is good:

https://github.com/spring-projects/spring-security/blob/4491b955b3c6cd2882eea10073f349f6d8b36bc4/config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java#L155

Not sure what more might be planned in this area for 6.2.0, but, it might be nice to include an overload of this method which just uses Customizer.withDefaults() for that second arg.

Comment From: marcusdacoregio

Hi, @nmck257. I'm happy that you liked the new method.

I wonder if creating such a method would follow the same standard the other DSL methods are following. For example, http.httpBasic() is deprecated in favor of http.httpBasic(Customizer.withDefaults()). It would look strange to me to have http.with(MyConfigurer.class) with no Customizer since all the DSL methods expect it.

However, in 7.0, those deprecated methods might be changed to return HttpSecurity and supply Customizer.withDefaults().

That being said, I'd hold a bit on the addition of the new method and see how the DSL will evolve to make sure we follow them.

Comment From: nmck257

Hi @marcusdacoregio -- thanks for that context!

I agree, waiting a bit is reasonable. I'll be interested to see where it lands.

Comment From: marcusdacoregio

Closing since we haven't received enough feedback until now. If needed, we can always reopen.