From 8374128a3f920fad352e7dfb3c8f4de2eb9b2994 Mon Sep 17 00:00:00 2001 From: Hendrik Ebbers Date: Wed, 15 Jul 2026 20:08:23 +0200 Subject: [PATCH 1/3] chore(pom): update parent version to 1.2.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 09294b4..d0a972a 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ com.open-elements java-parent - 1.0.0 + 1.2.0 spring-services From 9697e9d44ec31843d4586c9c32e695ad144c0067 Mon Sep 17 00:00:00 2001 From: Hendrik Ebbers Date: Thu, 16 Jul 2026 18:21:42 +0200 Subject: [PATCH 2/3] fix(security): disambiguate JsonAuthenticationEntryPoint beans via @Qualifier SecurityConfig defines two beans of type JsonAuthenticationEntryPoint (jwtAuthenticationEntryPoint, apiKeyAuthenticationEntryPoint) and relied on the injection-point parameter name matching the bean name to pick the right one. That only works when classes are compiled with -parameters; the org parent stopped providing that flag in 1.2.0, so the ApplicationContext failed to load with NoUniqueBeanDefinitionException (103 test errors). Resolve the ambiguity explicitly with @Qualifier instead of relying on parameter-name magic, so the wiring is correct and self-documenting regardless of the compiler flag. The parent is separately being fixed to re-enable -parameters (OpenElementsLabs/java-parent#1), but this makes the security config robust on its own. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../spring/base/security/SecurityConfig.java | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/spring-services-core/src/main/java/com/openelements/spring/base/security/SecurityConfig.java b/spring-services-core/src/main/java/com/openelements/spring/base/security/SecurityConfig.java index 20981f5..3a31edc 100644 --- a/spring-services-core/src/main/java/com/openelements/spring/base/security/SecurityConfig.java +++ b/spring-services-core/src/main/java/com/openelements/spring/base/security/SecurityConfig.java @@ -8,6 +8,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.List; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; @@ -110,7 +111,8 @@ public JsonAuthenticationEntryPoint apiKeyAuthenticationEntryPoint( */ @Bean public ApiKeyAuthenticationFilter apiKeyAuthenticationFilter( - final JsonAuthenticationEntryPoint apiKeyAuthenticationEntryPoint) { + @Qualifier("apiKeyAuthenticationEntryPoint") + final JsonAuthenticationEntryPoint apiKeyAuthenticationEntryPoint) { return new ApiKeyAuthenticationFilter(apiKeyDataService, apiKeyAuthenticationEntryPoint); } @@ -166,7 +168,8 @@ public JwtAuthenticationConverter jwtAuthenticationConverter() { public SecurityFilterChain externalApiFilterChain( final HttpSecurity http, final ApiKeyAuthenticationFilter apiKeyAuthenticationFilter, - final JsonAuthenticationEntryPoint apiKeyAuthenticationEntryPoint) + @Qualifier("apiKeyAuthenticationEntryPoint") + final JsonAuthenticationEntryPoint apiKeyAuthenticationEntryPoint) throws Exception { http.securityMatcher("/api/external/**") .authorizeHttpRequests( @@ -202,7 +205,9 @@ public SecurityFilterChain externalApiFilterChain( @Bean @Order(2) public SecurityFilterChain defaultFilterChain( - final HttpSecurity http, final JsonAuthenticationEntryPoint jwtAuthenticationEntryPoint) + final HttpSecurity http, + @Qualifier("jwtAuthenticationEntryPoint") + final JsonAuthenticationEntryPoint jwtAuthenticationEntryPoint) throws Exception { http.authorizeHttpRequests( auth -> From dc603f70aa298aab21e792ac97ca859de00593b1 Mon Sep 17 00:00:00 2001 From: Hendrik Ebbers Date: Fri, 17 Jul 2026 09:45:43 +0200 Subject: [PATCH 3/3] chore(pom): update parent version to 1.2.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index d0a972a..c40bba1 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ com.open-elements java-parent - 1.2.0 + 1.2.1 spring-services