SEC-2202: http.authorizeUrls() to http.authorizeRequests()
The new name is more meaningful, since requests can be matched on anything, not just the URL.
parent
e1d8db4e95
commit
a39ff1b041
|
@ -88,7 +88,7 @@ import org.springframework.util.Assert;
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin();
|
* .formLogin();
|
||||||
|
@ -148,7 +148,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) {
|
* protected void configure(HttpSecurity http) {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .openidLogin()
|
* .openidLogin()
|
||||||
|
@ -180,7 +180,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) {
|
* protected void configure(HttpSecurity http) {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .openidLogin()
|
* .openidLogin()
|
||||||
|
@ -259,7 +259,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .anyRequest().hasRole("USER")
|
* .anyRequest().hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -330,7 +330,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -379,7 +379,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* // Example jee() configuration
|
* // Example jee() configuration
|
||||||
|
@ -454,7 +454,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* // Example x509() configuration
|
* // Example x509() configuration
|
||||||
|
@ -497,7 +497,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -534,7 +534,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin();
|
* .formLogin();
|
||||||
|
@ -568,7 +568,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/admin/**").hasRole("ADMIN")
|
* .antMatchers("/admin/**").hasRole("ADMIN")
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
|
@ -596,7 +596,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
*
|
*
|
||||||
* <pre>
|
* <pre>
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .antMatchers("/admin/**").hasRole("ADMIN")
|
* .antMatchers("/admin/**").hasRole("ADMIN")
|
||||||
* </pre>
|
* </pre>
|
||||||
|
@ -606,7 +606,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @return
|
* @return
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeUrls() throws Exception {
|
public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeRequests() throws Exception {
|
||||||
return getOrApply(new ExpressionUrlAuthorizationConfigurer<HttpSecurity>());
|
return getOrApply(new ExpressionUrlAuthorizationConfigurer<HttpSecurity>());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -681,7 +681,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -733,7 +733,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -766,7 +766,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -815,7 +815,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin();
|
* .formLogin();
|
||||||
|
@ -843,7 +843,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -894,7 +894,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .formLogin()
|
* .formLogin()
|
||||||
|
@ -941,7 +941,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER").and()
|
* .antMatchers("/**").hasRole("USER").and()
|
||||||
* .httpBasic();
|
* .httpBasic();
|
||||||
* }
|
* }
|
||||||
|
@ -1061,7 +1061,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* .requestMatchers()
|
* .requestMatchers()
|
||||||
* .antMatchers("/api/**","/oauth/**")
|
* .antMatchers("/api/**","/oauth/**")
|
||||||
* .and()
|
* .and()
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER").and()
|
* .antMatchers("/**").hasRole("USER").and()
|
||||||
* .httpBasic();
|
* .httpBasic();
|
||||||
* }
|
* }
|
||||||
|
@ -1092,7 +1092,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* .antMatchers("/api/**")
|
* .antMatchers("/api/**")
|
||||||
* .antMatchers("/oauth/**")
|
* .antMatchers("/oauth/**")
|
||||||
* .and()
|
* .and()
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER").and()
|
* .antMatchers("/**").hasRole("USER").and()
|
||||||
* .httpBasic();
|
* .httpBasic();
|
||||||
* }
|
* }
|
||||||
|
@ -1125,7 +1125,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
|
||||||
* .requestMatchers()
|
* .requestMatchers()
|
||||||
* .antMatchers("/oauth/**")
|
* .antMatchers("/oauth/**")
|
||||||
* .and()
|
* .and()
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER").and()
|
* .antMatchers("/**").hasRole("USER").and()
|
||||||
* .httpBasic();
|
* .httpBasic();
|
||||||
* }
|
* }
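Review bot: No deprecated `authorizeUrls()` alias is left behind where the `@ -606,7 +606,7 @@` hunk renames the public method to `authorizeRequests()`, so any security configuration written against the old name stops compiling on upgrade. If a milestone or release candidate has already shipped with `authorizeUrls()` (not visible from this page), keep it for one release as a delegate: `@Deprecated public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeUrls() throws Exception { return authorizeRequests(); }`, with a Javadoc `@deprecated` tag pointing at the new name. The Javadoc directly above the renamed method also still has an empty `@return` and an empty `@throws Exception`; since the method is being touched, fill them in, for example `@return the ExpressionUrlAuthorizationConfigurer for further customization`.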
|
||||||
|
|
|
@ -45,7 +45,7 @@ import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) throws Exception {
|
* protected void configure(HttpSecurity http) throws Exception {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/public/**").permitAll()
|
* .antMatchers("/public/**").permitAll()
|
||||||
* .anyRequest().hasRole("USER")
|
* .anyRequest().hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
|
|
|
@ -282,7 +282,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
|
||||||
*
|
*
|
||||||
* <pre>
|
* <pre>
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .anyRequest().authenticated().and()
|
* .anyRequest().authenticated().and()
|
||||||
* .formLogin().and()
|
* .formLogin().and()
|
||||||
* .httpBasic();
|
* .httpBasic();
|
||||||
|
@ -297,7 +297,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
|
||||||
logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
|
logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
|
||||||
|
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.formLogin().and()
|
.formLogin().and()
|
||||||
|
|
|
@ -65,7 +65,7 @@ import org.springframework.util.StringUtils;
|
||||||
*
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 3.2
|
* @since 3.2
|
||||||
* @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeUrls()}
|
* @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeRequests()}
|
||||||
*/
|
*/
|
||||||
public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractInterceptUrlConfigurer<H,ExpressionUrlAuthorizationConfigurer<H>,ExpressionUrlAuthorizationConfigurer<H>.AuthorizedUrl> {
|
public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractInterceptUrlConfigurer<H,ExpressionUrlAuthorizationConfigurer<H>,ExpressionUrlAuthorizationConfigurer<H>.AuthorizedUrl> {
|
||||||
static final String permitAll = "permitAll";
|
static final String permitAll = "permitAll";
|
||||||
|
@ -79,7 +79,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a new instance
|
* Creates a new instance
|
||||||
* @see HttpSecurity#authorizeUrls()
|
* @see HttpSecurity#authorizeRequests()
|
||||||
*/
|
*/
|
||||||
public ExpressionUrlAuthorizationConfigurer() {
|
public ExpressionUrlAuthorizationConfigurer() {
|
||||||
}
|
}
|
||||||
|
@ -114,7 +114,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
|
||||||
final ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource() {
|
final ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource() {
|
||||||
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = createRequestMap();
|
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = createRequestMap();
|
||||||
if(requestMap.isEmpty()) {
|
if(requestMap.isEmpty()) {
|
||||||
throw new IllegalStateException("At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())");
|
throw new IllegalStateException("At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())");
|
||||||
}
|
}
|
||||||
return new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, expressionHandler);
|
return new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, expressionHandler);
|
||||||
}
|
}
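Review bot: The exception message rewritten in `createMetadataSource()` still shows a call chain that would not compile, because `anyRequest` is missing its parentheses, and "i.e." presents it as the only valid mapping where "e.g." is meant. Suggest `"At least one mapping is required (e.g. authorizeRequests().anyRequest().authenticated())"`, so that a user who hits this at startup can paste the hint as written. The Spock test that checks this text with `success.message.contains` would need the same string. Separately, the class-level `@see {@link ...HttpSecurity#authorizeRequests()}` wraps its target in `{@link}`, whereas `@see` takes the reference directly.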
|
||||||
|
|
|
@ -36,7 +36,7 @@ final class PermitAllSupport {
|
||||||
ExpressionUrlAuthorizationConfigurer<?> configurer = http.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
|
ExpressionUrlAuthorizationConfigurer<?> configurer = http.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
|
||||||
|
|
||||||
if(configurer == null) {
|
if(configurer == null) {
|
||||||
throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeUrls()");
|
throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeRequests()");
|
||||||
}
|
}
|
||||||
|
|
||||||
for(String url : urls) {
|
for(String url : urls) {
|
||||||
|
|
|
@ -64,7 +64,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi
|
||||||
* @Override
|
* @Override
|
||||||
* protected void configure(HttpSecurity http) {
|
* protected void configure(HttpSecurity http) {
|
||||||
* http
|
* http
|
||||||
* .authorizeUrls()
|
* .authorizeRequests()
|
||||||
* .antMatchers("/**").hasRole("USER")
|
* .antMatchers("/**").hasRole("USER")
|
||||||
* .and()
|
* .and()
|
||||||
* .openidLogin()
|
* .openidLogin()
|
||||||
|
|
|
@ -169,7 +169,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/signup","/about").permitAll()
|
.antMatchers("/signup","/about").permitAll()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
|
@ -290,7 +290,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/api/**")
|
.antMatcher("/api/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/api/admin/**").hasRole("ADMIN")
|
.antMatchers("/api/admin/**").hasRole("ADMIN")
|
||||||
.antMatchers("/api/**").hasRole("USER")
|
.antMatchers("/api/**").hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
|
@ -310,7 +310,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/signup","/about").permitAll()
|
.antMatchers("/signup","/about").permitAll()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
|
|
|
@ -42,7 +42,7 @@ public class WebSecurityConfigurerAdapterTestsConfigs {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role1/**")
|
.antMatcher("/role1/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("1");
|
.anyRequest().hasRole("1");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -113,7 +113,7 @@ public class HttpSecurityTests extends BaseSpringSpec {
|
||||||
.antMatchers("/api/**")
|
.antMatchers("/api/**")
|
||||||
.antMatchers("/oauth/**")
|
.antMatchers("/oauth/**")
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/**").hasRole("USER")
|
.antMatchers("/**").hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
|
|
|
@ -77,7 +77,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
|
||||||
|
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().permitAll()
|
.anyRequest().permitAll()
|
||||||
.accessDecisionManager(ACCESS_DECISION_MGR)
|
.accessDecisionManager(ACCESS_DECISION_MGR)
|
||||||
}
|
}
|
||||||
|
@ -118,7 +118,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -301,7 +301,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -318,7 +318,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http.
|
http.
|
||||||
authorizeUrls()
|
authorizeRequests()
|
||||||
.filterSecurityInterceptorOncePerRequest(false)
|
.filterSecurityInterceptorOncePerRequest(false)
|
||||||
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
|
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
|
||||||
.antMatchers("/signup").permitAll()
|
.antMatchers("/signup").permitAll()
|
||||||
|
@ -482,7 +482,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
|
||||||
static class UseExpressionsConfig extends BaseWebConfig {
|
static class UseExpressionsConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/users**","/sessions/**").hasRole("USER")
|
.antMatchers("/users**","/sessions/**").hasRole("USER")
|
||||||
.antMatchers("/signup").permitAll()
|
.antMatchers("/signup").permitAll()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
|
|
|
@ -62,7 +62,7 @@ class EnableWebSecurityTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/*").hasRole("USER")
|
.antMatchers("/*").hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin();
|
.formLogin();
|
||||||
|
|
|
@ -87,7 +87,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role1/**")
|
.antMatcher("/role1/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("1");
|
.anyRequest().hasRole("1");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -99,7 +99,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role2/**")
|
.antMatcher("/role2/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("2");
|
.anyRequest().hasRole("2");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -111,7 +111,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role3/**")
|
.antMatcher("/role3/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("3");
|
.anyRequest().hasRole("3");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -122,7 +122,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("4");
|
.anyRequest().hasRole("4");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -155,7 +155,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role1/**")
|
.antMatcher("/role1/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("1");
|
.anyRequest().hasRole("1");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -166,7 +166,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/role2/**")
|
.antMatcher("/role2/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("2");
|
.anyRequest().hasRole("2");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -232,7 +232,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -253,7 +253,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -130,7 +130,7 @@ class DefaultFiltersTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -134,7 +134,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -159,7 +159,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.logout()
|
.logout()
|
||||||
|
@ -187,7 +187,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.logout()
|
.logout()
|
||||||
|
@ -222,7 +222,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -252,7 +252,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
@ -289,7 +289,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.rememberMe()
|
.rememberMe()
|
||||||
|
@ -315,7 +315,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
|
||||||
.exceptionHandling()
|
.exceptionHandling()
|
||||||
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
|
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|
|
@ -110,7 +110,7 @@ class ExceptionHandlingConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
|
|
|
@ -54,7 +54,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
e.message == "role should not start with 'ROLE_' since it is automatically inserted. Got 'ROLE_USER'"
|
e.message == "role should not start with 'ROLE_' since it is automatically inserted. Got 'ROLE_USER'"
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() uses AffirmativeBased AccessDecisionManager"() {
|
def "authorizeRequests() uses AffirmativeBased AccessDecisionManager"() {
|
||||||
when: "Load Config with no specific AccessDecisionManager"
|
when: "Load Config with no specific AccessDecisionManager"
|
||||||
loadConfig(NoSpecificAccessDecessionManagerConfig)
|
loadConfig(NoSpecificAccessDecessionManagerConfig)
|
||||||
then: "AccessDecessionManager matches the HttpSecurityBuilder's default"
|
then: "AccessDecessionManager matches the HttpSecurityBuilder's default"
|
||||||
|
@ -66,17 +66,17 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
static class NoSpecificAccessDecessionManagerConfig extends WebSecurityConfigurerAdapter {
|
static class NoSpecificAccessDecessionManagerConfig extends WebSecurityConfigurerAdapter {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() no requests"() {
|
def "authorizeRequests() no requests"() {
|
||||||
when: "Load Config with no requests"
|
when: "Load Config with no requests"
|
||||||
loadConfig(NoRequestsConfig)
|
loadConfig(NoRequestsConfig)
|
||||||
then: "A meaningful exception is thrown"
|
then: "A meaningful exception is thrown"
|
||||||
BeanCreationException success = thrown()
|
BeanCreationException success = thrown()
|
||||||
success.message.contains "At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())"
|
success.message.contains "At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())"
|
||||||
}
|
}
|
||||||
|
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
|
@ -84,11 +84,11 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
static class NoRequestsConfig extends WebSecurityConfigurerAdapter {
|
static class NoRequestsConfig extends WebSecurityConfigurerAdapter {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() incomplete mapping"() {
|
def "authorizeRequests() incomplete mapping"() {
|
||||||
when: "Load Config with incomplete mapping"
|
when: "Load Config with incomplete mapping"
|
||||||
loadConfig(IncompleteMappingConfig)
|
loadConfig(IncompleteMappingConfig)
|
||||||
then: "A meaningful exception is thrown"
|
then: "A meaningful exception is thrown"
|
||||||
|
@ -101,13 +101,13 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
static class IncompleteMappingConfig extends WebSecurityConfigurerAdapter {
|
static class IncompleteMappingConfig extends WebSecurityConfigurerAdapter {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.antMatchers("/a").authenticated()
|
.antMatchers("/a").authenticated()
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() hasAuthority"() {
|
def "authorizeRequests() hasAuthority"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(HasAuthorityConfig)
|
loadConfig(HasAuthorityConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -135,12 +135,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasAuthority("ROLE_USER")
|
.anyRequest().hasAuthority("ROLE_USER")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() hasAnyAuthority"() {
|
def "authorizeRequests() hasAnyAuthority"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(HasAnyAuthorityConfig)
|
loadConfig(HasAnyAuthorityConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -174,12 +174,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasAnyAuthority("ROLE_ADMIN","ROLE_DBA")
|
.anyRequest().hasAnyAuthority("ROLE_ADMIN","ROLE_DBA")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() hasIpAddress"() {
|
def "authorizeRequests() hasIpAddress"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(HasIpAddressConfig)
|
loadConfig(HasIpAddressConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -202,12 +202,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasIpAddress("192.168.1.0")
|
.anyRequest().hasIpAddress("192.168.1.0")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() anonymous"() {
|
def "authorizeRequests() anonymous"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(AnonymousConfig)
|
loadConfig(AnonymousConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -229,12 +229,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().anonymous()
|
.anyRequest().anonymous()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() rememberMe"() {
|
def "authorizeRequests() rememberMe"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(RememberMeConfig)
|
loadConfig(RememberMeConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -258,7 +258,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().rememberMe()
|
.anyRequest().rememberMe()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -271,7 +271,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() denyAll"() {
|
def "authorizeRequests() denyAll"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(DenyAllConfig)
|
loadConfig(DenyAllConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -293,12 +293,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().denyAll()
|
.anyRequest().denyAll()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() not denyAll"() {
|
def "authorizeRequests() not denyAll"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(NotDenyAllConfig)
|
loadConfig(NotDenyAllConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -320,12 +320,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().not().denyAll()
|
.anyRequest().not().denyAll()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() fullyAuthenticated"() {
|
def "authorizeRequests() fullyAuthenticated"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(FullyAuthenticatedConfig)
|
loadConfig(FullyAuthenticatedConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -355,7 +355,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().fullyAuthenticated()
|
.anyRequest().fullyAuthenticated()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -368,7 +368,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
def "authorizeUrls() access"() {
|
def "authorizeRequests() access"() {
|
||||||
setup:
|
setup:
|
||||||
loadConfig(AccessConfig)
|
loadConfig(AccessConfig)
|
||||||
when:
|
when:
|
||||||
|
@ -399,7 +399,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'")
|
.anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -430,10 +430,10 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
|
||||||
http
|
http
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -99,7 +99,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -131,7 +131,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -155,7 +155,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -187,7 +187,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|
|
@ -52,7 +52,7 @@ class Issue55Tests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -84,7 +84,7 @@ class Issue55Tests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.antMatcher("/api/**")
|
.antMatcher("/api/**")
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -93,7 +93,7 @@ class Issue55Tests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,7 +47,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER");
|
.anyRequest().hasRole("USER");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -98,7 +98,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
|
||||||
static class AnonymousKeyConfig extends BaseWebConfig {
|
static class AnonymousKeyConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.anonymous().key("AnonymousKeyConfig")
|
.anonymous().key("AnonymousKeyConfig")
|
||||||
|
@ -120,7 +120,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
|
||||||
static class AnonymousUsernameConfig extends BaseWebConfig {
|
static class AnonymousUsernameConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.anonymous().principal("AnonymousUsernameConfig")
|
.anonymous().principal("AnonymousUsernameConfig")
|
||||||
|
|
|
@ -76,7 +76,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
|
||||||
static class HttpBasicConfig extends BaseWebConfig {
|
static class HttpBasicConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.httpBasic();
|
.httpBasic();
|
||||||
|
@ -99,7 +99,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
|
||||||
static class CustomHttpBasicConfig extends BaseWebConfig {
|
static class CustomHttpBasicConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.httpBasic().realmName("Custom Realm");
|
.httpBasic().realmName("Custom Realm");
|
||||||
|
@ -150,7 +150,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
|
||||||
static class EntryPointRefHttpBasicConfig extends BaseWebConfig {
|
static class EntryPointRefHttpBasicConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
|
|
|
@ -152,7 +152,7 @@ public class NamespaceHttpCustomFilterTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
|
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)
|
||||||
|
|
|
@ -47,7 +47,7 @@ public class NamespaceHttpExpressionHandlerTests extends BaseSpringSpec {
|
||||||
|
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.expressionHandler(EXPRESSION_HANDLER)
|
.expressionHandler(EXPRESSION_HANDLER)
|
||||||
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
|
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
|
||||||
.antMatchers("/signup").permitAll()
|
.antMatchers("/signup").permitAll()
|
||||||
|
|
|
@ -79,7 +79,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
@ -117,7 +117,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
boolean alwaysUseDefaultSuccess = true;
|
boolean alwaysUseDefaultSuccess = true;
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|
|
@ -138,7 +138,7 @@ public class NamespaceHttpInterceptUrlTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
// the line below is similar to intercept-url@pattern:
|
// the line below is similar to intercept-url@pattern:
|
||||||
// <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')"/>
|
// <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')"/>
|
||||||
// <intercept-url pattern="/sessions/**" access="hasRole('ROLE_ADMIN')"/>
|
// <intercept-url pattern="/sessions/**" access="hasRole('ROLE_ADMIN')"/>
|
||||||
|
|
|
@ -99,7 +99,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.jee()
|
.jee()
|
||||||
|
@ -126,7 +126,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.jee()
|
.jee()
|
||||||
|
|
|
@ -78,7 +78,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
|
||||||
static class OpenIDLoginConfig extends BaseWebConfig {
|
static class OpenIDLoginConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
@ -129,7 +129,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
|
||||||
static class OpenIDLoginAttributeExchangeConfig extends BaseWebConfig {
|
static class OpenIDLoginAttributeExchangeConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) {
|
protected void configure(HttpSecurity http) {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
@ -184,7 +184,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
boolean alwaysUseDefaultSuccess = true;
|
boolean alwaysUseDefaultSuccess = true;
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
@ -218,7 +218,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
|
||||||
|
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
|
|
@ -88,7 +88,7 @@ public class NamespaceHttpPortMappingsTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.portMapper()
|
.portMapper()
|
||||||
|
|
|
@ -103,7 +103,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.x509();
|
.x509();
|
||||||
|
@ -136,7 +136,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
|
||||||
|
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.x509()
|
.x509()
|
||||||
|
@ -170,7 +170,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.x509()
|
.x509()
|
||||||
|
@ -204,7 +204,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.x509()
|
.x509()
|
||||||
|
@ -238,7 +238,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
|
||||||
|
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.x509()
|
.x509()
|
||||||
|
|
|
@ -112,7 +112,7 @@ public class NamespaceRememberMeTests extends BaseSpringSpec {
|
||||||
static class RememberMeConfig extends BaseWebConfig {
|
static class RememberMeConfig extends BaseWebConfig {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|
|
@ -46,7 +46,7 @@ class PermitAllSupportTests extends BaseSpringSpec {
|
||||||
loadConfig(NoAuthorizedUrlsConfig)
|
loadConfig(NoAuthorizedUrlsConfig)
|
||||||
then:
|
then:
|
||||||
BeanCreationException e = thrown()
|
BeanCreationException e = thrown()
|
||||||
e.message.contains "permitAll only works with HttpSecurity.authorizeUrls"
|
e.message.contains "permitAll only works with HttpSecurity.authorizeRequests"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,7 @@ public class RememberMeConfigurerTests extends BaseSpringSpec {
|
||||||
static class NullUserDetailsConfig extends WebSecurityConfigurerAdapter {
|
static class NullUserDetailsConfig extends WebSecurityConfigurerAdapter {
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().hasRole("USER")
|
.anyRequest().hasRole("USER")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.formLogin()
|
||||||
|
|
|
@ -76,7 +76,7 @@ class OpenIDLoginConfigurerTests extends BaseSpringSpec {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
.authorizeUrls()
|
.authorizeRequests()
|
||||||
.anyRequest().authenticated()
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.openidLogin()
|
.openidLogin()
|
||||||
|
|