As identified by this answer on Stack Overflow, ErrorPageSecurityFilter extends HttpFilter which is new in Servlet 4.0. As we support deployment to Servlet 3.1-compatible containers, we should implement Filter instead and then cast the request and response to HttpServletRequest and HttpServletResponse as needed.

Comment From: benjamin-sailer

Unfortunately I've still a problem along the lines of this issue: I've been trying to make a spring boot application (version 2.6.1) run on tomcat 8.5 (supporting only servlet-api version 3.1).

So I'm pulling the (provided) servlet-api 3.1 dependency of the interface javax.servlet.Filter(javax.servlet:javax.servlet-api:3.1.0) which is supplied without default implementation of the init-method; the implementation of org.springframework.boot.web.servlet.filter.ErrorPageSecurityFilter however seems to rely on a different interface definition (that contains the default implementation of the init method, coming from org.apache.tomcat.embed:tomcat-embed-core:9.0.52), not implementing itself.

So I end up with an org.apache.catalina.core.StandardContext.filterStart Ausnahme beim Starten des Filters [errorPageSecurityFilter] java.lang.AbstractMethodError at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:281) during startup. Maybe I'm doing something wrong in my project configuration, so help is appreciated, else I suspect that the default init implementation does not help.

I know my configuration is not really straight forward so probably I'm missing something here, but maybe it would be better not to rely on the default implementation for an interface definition the version of which is not fully under spring control (e.g. meant to be provided by the external container).

Comment From: philwebb

@benjamin-sailer I think you're seeing a duplicate of #28902. Can you please try to upgrade to Spring Boot 2.6.2.

Comment From: benjamin-sailer

Hi Phil,

thanks a lot, you're right, the issue has been solved via upgrade to 2.6.2.

Best regards, Benjamin  

--

Benjamin Sailer @.*** Public Key Fingerprint: 932A-8379-7517-B5DE-6AD4-DBBB-88BC-96E4-7BDD-C9B0

Gesendet: Freitag, 07. Januar 2022 um 20:19 Uhr Von: "Phil Webb" @.> An: "spring-projects/spring-boot" @.> Cc: "Benjamin Sailer" @.>, "Mention" @.> Betreff: Re: [spring-projects/spring-boot] ErrorPageSecurityFilter prevents deployment to a Servlet 3.1 compatible container (Issue #28790)

@benjamin-sailer I think you're seeing a duplicate of #28902. Can you please try to upgrade to Spring Boot 2.6.2.

— Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android. You are receiving this because you were mentioned.Message ID: @.***>