From 74a25c3fc18901853f5c59f173a935d861aff681 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Tue, 6 May 2025 16:40:10 -0600 Subject: [PATCH] Add shouldFilterAllDispatcherTypes Migration Steps --- .../ROOT/pages/migration-7/configuration.adoc | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/docs/modules/ROOT/pages/migration-7/configuration.adoc b/docs/modules/ROOT/pages/migration-7/configuration.adoc index 0a06694f95..8d84e04ab4 100644 --- a/docs/modules/ROOT/pages/migration-7/configuration.adoc +++ b/docs/modules/ROOT/pages/migration-7/configuration.adoc @@ -123,3 +123,60 @@ In versions prior to 6.2, if you had a xref:servlet/configuration/java.adoc#jc-c However, starting from version 6.2, this method is deprecated and will be removed in 7.0 because it will no longer be possible to chain configurations using `.and()` once `.and()` is removed (see https://github.com/spring-projects/spring-security/issues/13067). Instead, it is recommended to use the new `.with(...)` method. For more information about how to use `.with(...)` please refer to the xref:servlet/configuration/java.adoc#jc-custom-dsls[Custom DSLs section]. + +== Use `dispatcherTypeMatchers` instead of `shouldFilterAllDispatcherTypes` + +If you are permitting the ERROR dispatch, you may be using `shouldFilterAllDispatcherTypes(false)` in the `auhorizeHttpRequests` DSL: + +[tabs] +====== +Java:: ++ +[source,java,role="primary"] +---- +http + .authorizeHttpRequests((authorize) -> authorize + .shouldFilterAllDispatcherTypes(false) + // ... + ) +---- + +Kotlin:: ++ +[source,kotlin,role="secondary"] +---- +http { + authorizeHttpRequests { + shouldFilterAllDispatcherTypes = false + // ... + } +} +---- +====== + +In preparation for 7, change this to use `dispatcherTypeMatchers`: + +[tabs] +====== +Java:: ++ +[source,java,role="primary"] +---- +http + .authorizHttpRequests((authorize) -> authorize + .dispatcherTypeMatchers(DispatcherType.ERROR).permitAll() + // ... + ) +---- + +Kotlin:: ++ +[source,kotlin,role="secondary"] +---- +http { + authorizeHttpRequests { + authorize(new DispatcherTypeRequestMatcher(DispatcherType.ERROR), permitAll()) + } +} +---- +======