Principal check in ServletRequestMethodArgumentResolver can result in type mismatches [SPR-15214] #19779
Description
George Hawkins opened SPR-15214 and commented
The Principal check in ServletRequestMethodArgumentResolver can result in the method returning a value that is clearly of a type that's unassignable to something of paramType.
This gist is a JUnit test that cuts things down to a minimum and demonstrates that the Principal check will happily return something that is a Principal subclass in the apparent belief it will be assignable to any other subclass of Principal - i.e. the same as thinking that a Double value will be assignable to an Integer on the basis that both are subclasses of Number.
Note: just to be clear this test is expected to fail - it's demonstrating our problem case.
Affects: 4.3.6
Reference URL: https://gist.github.com/george-hawkins/3b030c04a55d03b85a99bc69228648b5
Issue Links:
- MockHttpServletRequest.getReader() returns null in case of no content [SPR-15215] #19780 MockHttpServletRequest.getReader() returns null in case of no content