Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 01:02:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '5.8.x'

Browse Source
This commit is contained in:
Marcus Da Coregio 2022-10-05 13:20:12 -03:00
commit 38a7bbd2eb
4 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
View File

@ -67,9 +67,9 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
http http
// ... // ...
.authorizeHttpRequests(authorize -> authorize // <1> .authorizeHttpRequests(authorize -> authorize // <1>
.mvcMatchers("/resources/**", "/signup", "/about").permitAll() // <2> .requestMatchers("/resources/**", "/signup", "/about").permitAll() // <2>
.mvcMatchers("/admin/**").hasRole("ADMIN") // <3> .requestMatchers("/admin/**").hasRole("ADMIN") // <3>
.mvcMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')")) // <4> .requestMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')")) // <4>
.anyRequest().denyAll() // <5> .anyRequest().denyAll() // <5>
); );
@ -142,7 +142,7 @@ Here is an example of mapping a custom authorization manager to the `my/authoriz
SecurityFilterChain web(HttpSecurity http) throws Exception { SecurityFilterChain web(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests((authorize) -> authorize .authorizeHttpRequests((authorize) -> authorize
.mvcMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager()); .requestMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager());
) )
// ... // ...

6
docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc
View File

@ -189,7 +189,7 @@ public class MyCustomSecurityConfiguration {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read") .requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer(oauth2 -> oauth2 .oauth2ResourceServer(oauth2 -> oauth2
@ -744,8 +744,8 @@ public class DirectlyConfiguredJwkSetUri {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts") .requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages") .requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt); .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);

6
docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
View File

@ -232,7 +232,7 @@ public class MyCustomSecurityConfiguration {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read") .requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer(oauth2 -> oauth2 .oauth2ResourceServer(oauth2 -> oauth2
@ -520,8 +520,8 @@ public class MappedAuthorities {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorizeRequests -> authorizeRequests .authorizeHttpRequests(authorizeRequests -> authorizeRequests
.mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts") .requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
.mvcMatchers("/messages/**").hasAuthority("SCOPE_messages") .requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken); .oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);

4
docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
View File

@ -340,7 +340,7 @@ public class MyCustomSecurityConfiguration {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER") .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.saml2Login(withDefaults()); .saml2Login(withDefaults());
@ -496,7 +496,7 @@ public class MyCustomSecurityConfiguration {
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.authorizeHttpRequests(authorize -> authorize .authorizeHttpRequests(authorize -> authorize
.mvcMatchers("/messages/**").hasAuthority("ROLE_USER") .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.saml2Login(saml2 -> saml2 .saml2Login(saml2 -> saml2