Use requestMatchers
Closes gh-96
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
plugins {
|
||||
id "java"
|
||||
id "nebula.integtest" version "8.2.0"
|
||||
id "org.gretty" version "3.0.6"
|
||||
id "org.gretty" version "4.0.0"
|
||||
id "war"
|
||||
}
|
||||
|
||||
@@ -16,14 +16,14 @@ repositories {
|
||||
ext["micrometer.version"] = "1.10.0-SNAPSHOT"
|
||||
|
||||
dependencies {
|
||||
implementation platform("org.springframework:spring-framework-bom:5.3.0")
|
||||
implementation platform("org.springframework.security:spring-security-bom:5.5.0-SNAPSHOT")
|
||||
implementation platform("org.springframework:spring-framework-bom:6.0.0-SNAPSHOT")
|
||||
implementation platform("org.springframework.security:spring-security-bom:6.0.0-SNAPSHOT")
|
||||
implementation platform("org.junit:junit-bom:5.7.0")
|
||||
|
||||
implementation "org.springframework.security:spring-security-config"
|
||||
implementation "org.springframework.security:spring-security-web"
|
||||
implementation "org.springframework:spring-webmvc"
|
||||
implementation "org.thymeleaf:thymeleaf-spring5:3.0.11.RELEASE"
|
||||
implementation "org.thymeleaf:thymeleaf-spring6:3.1.0.M3"
|
||||
|
||||
testImplementation "org.assertj:assertj-core:3.18.0"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
gretty {
|
||||
servletContainer = "tomcat9"
|
||||
servletContainer = "tomcat10"
|
||||
contextPath = "/"
|
||||
fileLogEnabled = false
|
||||
integrationTestTask = 'integrationTest'
|
||||
@@ -38,4 +38,4 @@ project.tasks.matching { it.name == "integrationTest" }.all {
|
||||
integrationTest.systemProperty 'app.httpBaseURI', httpBaseUrl
|
||||
integrationTest.systemProperty 'app.httpsBaseURI', httpsBaseUrl
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
|
||||
package example;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import jakarta.servlet.Filter;
|
||||
|
||||
import org.springframework.web.filter.HiddenHttpMethodFilter;
|
||||
import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
|
||||
|
||||
@@ -34,7 +34,7 @@ public class SecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers("/login", "/resources/**").permitAll()
|
||||
.requestMatchers("/login", "/resources/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.jee((jee) -> jee.mappableRoles("USER", "ADMIN"));
|
||||
|
||||
@@ -16,10 +16,10 @@
|
||||
|
||||
package example;
|
||||
|
||||
import org.thymeleaf.spring5.ISpringTemplateEngine;
|
||||
import org.thymeleaf.spring5.SpringTemplateEngine;
|
||||
import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
|
||||
import org.thymeleaf.spring5.view.ThymeleafViewResolver;
|
||||
import org.thymeleaf.spring6.ISpringTemplateEngine;
|
||||
import org.thymeleaf.spring6.SpringTemplateEngine;
|
||||
import org.thymeleaf.spring6.templateresolver.SpringResourceTemplateResolver;
|
||||
import org.thymeleaf.spring6.view.ThymeleafViewResolver;
|
||||
import org.thymeleaf.templatemode.TemplateMode;
|
||||
import org.thymeleaf.templateresolver.ITemplateResolver;
|
||||
|
||||
|
||||
@@ -47,8 +47,8 @@ public class SecurityConfig {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers("/favicon.ico").permitAll()
|
||||
.mvcMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
|
||||
.requestMatchers("/favicon.ico").permitAll()
|
||||
.requestMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin((form) -> form
|
||||
|
||||
@@ -43,8 +43,8 @@ public class OAuth2ResourceServerSecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.antMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.requestMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.requestMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
||||
|
||||
@@ -75,7 +75,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.antMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.requestMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2.jwt(withDefaults()));
|
||||
|
||||
@@ -48,7 +48,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
|
||||
.requestMatchers("/**/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2
|
||||
|
||||
@@ -46,8 +46,8 @@ public class OAuth2ResourceServerSecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.mvcMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.requestMatchers(HttpMethod.GET, "/message/**").hasAuthority("SCOPE_message:read")
|
||||
.requestMatchers(HttpMethod.POST, "/message/**").hasAuthority("SCOPE_message:write")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2
|
||||
|
||||
@@ -41,7 +41,7 @@ public class OAuth2ResourceServerSecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.requestMatchers("/message/**").hasAuthority("SCOPE_message:read")
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.oauth2ResourceServer((oauth2) -> oauth2
|
||||
|
||||
@@ -41,7 +41,7 @@ public class SecurityConfiguration {
|
||||
// @formatter:off
|
||||
http
|
||||
.authorizeHttpRequests((authorize) -> authorize
|
||||
.mvcMatchers("/", "/public/**").permitAll()
|
||||
.requestMatchers("/", "/public/**").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.formLogin(withDefaults())
|
||||
|
||||
@@ -35,8 +35,8 @@ class SecurityConfig {
|
||||
@Bean
|
||||
fun filterChain(http: HttpSecurity): SecurityFilterChain {
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/css/**").permitAll()
|
||||
.antMatchers("/user/**").hasAuthority("ROLE_USER")
|
||||
.requestMatchers("/css/**").permitAll()
|
||||
.requestMatchers("/user/**").hasAuthority("ROLE_USER")
|
||||
.and()
|
||||
.formLogin().loginPage("/log-in")
|
||||
return http.build()
|
||||
|
||||
Reference in New Issue
Block a user