Circular dependency on Spring Boot >=2.6

[alexpdp7]

Hi,

If I update my Spring Boot application that was on Spring Boot 2.5.7 to the latest, I get the following error on startup:

***************************
APPLICATION FAILED TO START
***************************

Description:

The dependencies of some of the beans in the application context form a cycle:

┌──->──┐
|  com.github.ulisesbocchio.spring.boot.security.saml.configuration.SAMLServiceProviderSecurityConfiguration (field private org.springframework.security.saml.log.SAMLLogger com.github.ulisesbocchio.spring.boot.security.saml.configuration.SAMLServiceProviderSecurityConfiguration.samlLogger)
└──<-──┘

Action:

Relying upon circular references is discouraged and they are prohibited by default. Update your application to remove the dependency cycle between beans. As a last resort, it may be possible to break the cycle automatically by setting spring.main.allow-circular-references to true.

e.g. at https://github.com/alexpdp7/zqxjkcrud/pull/261 .

I could allow circular dependencies, but I'm opening this issue in case someone stumbles with it and can provide a better solution. As for alternatives:

• https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#web.security.saml2 It seem that Spring Boot may support SAML somehow?

(Also if there's some suggestion here, I suppose people using this project will appreciate :)

[chriswhite199]

Migrating myself from 2.3 to 2.6 and facing the same issue.

For my @SpringBootTest tests, I just had to add an inline configuration to define a SAMLLogger explicitly rather than let Auto config do it, and that fixed the issue. I haven't got to running my application yet, but it will probably have the same issue and I'm sure an explicit config of the bean will also resolve it:

@Configuration
public class SamlConfig {
  @Bean()
  public SAMLLogger samlLogger() {
    return SAMLDefaultLogger();
  }
}