Currently the auto configuration of the SpringSecurityDialect is solely dependend on its own existence on the classpath, however if this was accidentily added without Spring Security the application fails to start.
There is now only an @ConditionalOnClass({ SpringSecurityDialect.class }) on the configuration class, it might be beneficial to add an additional check for Spring Security on there.
See https://stackoverflow.com/questions/70290743/how-to-temporary-disable-dependencies-in-spring-boots-pom-xml
Comment From: wilkinsona
Thanks, @mdeinum. Somewhat surprisingly, the Spring Security dependencies are declared as provided in thymeleaf-extras-springsecurity5's pom even though they are required at runtime. Given that is the case, we should add a check for a Spring Security class too, backing off in its absence.
Comment From: terminux
Hi, I submitted a PR to fix this issue.#28967
Comment From: snicoll
Closing in favor of PR #28967