Skip to content

Resolve RequestMatcher at request-time #13850

New issue
New issue
Closed
Listed in
#13568
Closed
Resolve RequestMatcher at request-time#13850
Listed in
#13568
Assignees
jzheaux
Milestone
 
6.2.0-RC1
@jzheaux

Description

@jzheaux
jzheaux
opened on Sep 20, 2023 · edited by jzheaux
Contributor

In circumstances where Spring MVC is deployed only to the root servlet (/), then there is no information lost when a path is specified in request matchers:

http
    .authorizeHttpRequests((authorize) -> authorize
        .requestMatchers("/path").hasAuthority("path:read")
    )
    // ...

Whether the above /path points to Spring MVC or not can be determined at request time by inspecting which servlet the request resolves to.

Activity

jzheaux
mentioned this on Sep 20, 2023
jzheaux
closed this as completedin 8f829ddon Oct 12, 2023
jzheaux
mentioned this on Oct 17, 2023
marcusdacoregio
mentioned this on Oct 27, 2023
marcusdacoregio
added this to the 6.2.0-RC1 milestone on Oct 27, 2023
marcusdacoregio
assigned
jzheaux
on Oct 27, 2023
jzheaux
mentioned this on Oct 31, 2023
jzheaux
changed the title [-]Consider resolving matcher at request-time[/-] [+]Resolve RequestMatcher at request-time[/+] on Oct 31, 2023
marcusdacoregio
mentioned this on Nov 17, 2023
chschu
added a commit that references this issue on Jan 29, 2024

Refine requestMatcher Validation Rules

8f829dd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @jzheaux@marcusdacoregio

      Issue actions
        Resolve RequestMatcher at request-time · Issue #13850 · spring-projects/spring-security