SEC-2202: http.authorizeUrls() to http.authorizeRequests()

This change is more meaningful since the requests can be matched on
anything not just the URL
This commit is contained in:
Rob Winch 2013-07-22 11:54:10 -05:00
parent e1d8db4e95
commit a39ff1b041
32 changed files with 119 additions and 119 deletions

View File

@ -88,7 +88,7 @@ import org.springframework.util.Assert;
* @Override * @Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers("/**").hasRole("USER") * .antMatchers("/**").hasRole("USER")
* .and() * .and()
* .formLogin(); * .formLogin();
@ -148,7 +148,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) { * protected void configure(HttpSecurity http) {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .openidLogin() * .openidLogin()
@ -180,7 +180,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) { * protected void configure(HttpSecurity http) {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .openidLogin() * .openidLogin()
@ -259,7 +259,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .anyRequest().hasRole(&quot;USER&quot;) * .anyRequest().hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -330,7 +330,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -379,7 +379,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* // Example jee() configuration * // Example jee() configuration
@ -454,7 +454,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* // Example x509() configuration * // Example x509() configuration
@ -497,7 +497,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -534,7 +534,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin(); * .formLogin();
@ -568,7 +568,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;) * .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
@ -596,7 +596,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* *
* <pre> * <pre>
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;) * .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* </pre> * </pre>
@ -606,7 +606,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @return * @return
* @throws Exception * @throws Exception
*/ */
public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeUrls() throws Exception { public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeRequests() throws Exception {
return getOrApply(new ExpressionUrlAuthorizationConfigurer<HttpSecurity>()); return getOrApply(new ExpressionUrlAuthorizationConfigurer<HttpSecurity>());
} }
@ -681,7 +681,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -733,7 +733,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -766,7 +766,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -815,7 +815,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin(); * .formLogin();
@ -843,7 +843,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -894,7 +894,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .formLogin() * .formLogin()
@ -941,7 +941,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and() * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic(); * .httpBasic();
* } * }
@ -1061,7 +1061,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .requestMatchers() * .requestMatchers()
* .antMatchers("/api/**","/oauth/**") * .antMatchers("/api/**","/oauth/**")
* .and() * .and()
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and() * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic(); * .httpBasic();
* } * }
@ -1092,7 +1092,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .antMatchers("/api/**") * .antMatchers("/api/**")
* .antMatchers("/oauth/**") * .antMatchers("/oauth/**")
* .and() * .and()
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and() * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic(); * .httpBasic();
* } * }
@ -1125,7 +1125,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .requestMatchers() * .requestMatchers()
* .antMatchers("/oauth/**") * .antMatchers("/oauth/**")
* .and() * .and()
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and() * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic(); * .httpBasic();
* } * }

View File

@ -45,7 +45,7 @@ import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) throws Exception { * protected void configure(HttpSecurity http) throws Exception {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers("/public/**").permitAll() * .antMatchers("/public/**").permitAll()
* .anyRequest().hasRole("USER") * .anyRequest().hasRole("USER")
* .and() * .and()

View File

@ -282,7 +282,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
* *
* <pre> * <pre>
* http * http
* .authorizeUrls() * .authorizeRequests()
* .anyRequest().authenticated().and() * .anyRequest().authenticated().and()
* .formLogin().and() * .formLogin().and()
* .httpBasic(); * .httpBasic();
@ -297,7 +297,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity)."); logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()
.formLogin().and() .formLogin().and()

View File

@ -65,7 +65,7 @@ import org.springframework.util.StringUtils;
* *
* @author Rob Winch * @author Rob Winch
* @since 3.2 * @since 3.2
* @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeUrls()} * @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeRequests()}
*/ */
public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractInterceptUrlConfigurer<H,ExpressionUrlAuthorizationConfigurer<H>,ExpressionUrlAuthorizationConfigurer<H>.AuthorizedUrl> { public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractInterceptUrlConfigurer<H,ExpressionUrlAuthorizationConfigurer<H>,ExpressionUrlAuthorizationConfigurer<H>.AuthorizedUrl> {
static final String permitAll = "permitAll"; static final String permitAll = "permitAll";
@ -79,7 +79,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
/** /**
* Creates a new instance * Creates a new instance
* @see HttpSecurity#authorizeUrls() * @see HttpSecurity#authorizeRequests()
*/ */
public ExpressionUrlAuthorizationConfigurer() { public ExpressionUrlAuthorizationConfigurer() {
} }
@ -114,7 +114,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
final ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource() { final ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource() {
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = createRequestMap(); LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = createRequestMap();
if(requestMap.isEmpty()) { if(requestMap.isEmpty()) {
throw new IllegalStateException("At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())"); throw new IllegalStateException("At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())");
} }
return new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, expressionHandler); return new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, expressionHandler);
} }

View File

@ -36,7 +36,7 @@ final class PermitAllSupport {
ExpressionUrlAuthorizationConfigurer<?> configurer = http.getConfigurer(ExpressionUrlAuthorizationConfigurer.class); ExpressionUrlAuthorizationConfigurer<?> configurer = http.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
if(configurer == null) { if(configurer == null) {
throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeUrls()"); throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeRequests()");
} }
for(String url : urls) { for(String url : urls) {

View File

@ -64,7 +64,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi
* &#064;Override * &#064;Override
* protected void configure(HttpSecurity http) { * protected void configure(HttpSecurity http) {
* http * http
* .authorizeUrls() * .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;) * .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and() * .and()
* .openidLogin() * .openidLogin()

View File

@ -169,7 +169,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.antMatchers("/signup","/about").permitAll() .antMatchers("/signup","/about").permitAll()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
@ -290,7 +290,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/api/**") .antMatcher("/api/**")
.authorizeUrls() .authorizeRequests()
.antMatchers("/api/admin/**").hasRole("ADMIN") .antMatchers("/api/admin/**").hasRole("ADMIN")
.antMatchers("/api/**").hasRole("USER") .antMatchers("/api/**").hasRole("USER")
.and() .and()
@ -310,7 +310,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.antMatchers("/signup","/about").permitAll() .antMatchers("/signup","/about").permitAll()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()

View File

@ -42,7 +42,7 @@ public class WebSecurityConfigurerAdapterTestsConfigs {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role1/**") .antMatcher("/role1/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("1"); .anyRequest().hasRole("1");
} }

View File

@ -113,7 +113,7 @@ public class HttpSecurityTests extends BaseSpringSpec {
.antMatchers("/api/**") .antMatchers("/api/**")
.antMatchers("/oauth/**") .antMatchers("/oauth/**")
.and() .and()
.authorizeUrls() .authorizeRequests()
.antMatchers("/**").hasRole("USER") .antMatchers("/**").hasRole("USER")
.and() .and()
.httpBasic() .httpBasic()

View File

@ -77,7 +77,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().permitAll() .anyRequest().permitAll()
.accessDecisionManager(ACCESS_DECISION_MGR) .accessDecisionManager(ACCESS_DECISION_MGR)
} }
@ -118,7 +118,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
@ -301,7 +301,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }
@ -318,7 +318,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http. http.
authorizeUrls() authorizeRequests()
.filterSecurityInterceptorOncePerRequest(false) .filterSecurityInterceptorOncePerRequest(false)
.antMatchers("/users**","/sessions/**").hasRole("ADMIN") .antMatchers("/users**","/sessions/**").hasRole("ADMIN")
.antMatchers("/signup").permitAll() .antMatchers("/signup").permitAll()
@ -482,7 +482,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
static class UseExpressionsConfig extends BaseWebConfig { static class UseExpressionsConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.antMatchers("/users**","/sessions/**").hasRole("USER") .antMatchers("/users**","/sessions/**").hasRole("USER")
.antMatchers("/signup").permitAll() .antMatchers("/signup").permitAll()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")

View File

@ -62,7 +62,7 @@ class EnableWebSecurityTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.antMatchers("/*").hasRole("USER") .antMatchers("/*").hasRole("USER")
.and() .and()
.formLogin(); .formLogin();

View File

@ -87,7 +87,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role1/**") .antMatcher("/role1/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("1"); .anyRequest().hasRole("1");
} }
} }
@ -99,7 +99,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role2/**") .antMatcher("/role2/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("2"); .anyRequest().hasRole("2");
} }
} }
@ -111,7 +111,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role3/**") .antMatcher("/role3/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("3"); .anyRequest().hasRole("3");
} }
} }
@ -122,7 +122,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("4"); .anyRequest().hasRole("4");
} }
} }
@ -155,7 +155,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role1/**") .antMatcher("/role1/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("1"); .anyRequest().hasRole("1");
} }
} }
@ -166,7 +166,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/role2/**") .antMatcher("/role2/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("2"); .anyRequest().hasRole("2");
} }
} }
@ -232,7 +232,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
} }
} }
@ -253,7 +253,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
} }
} }

View File

@ -130,7 +130,7 @@ class DefaultFiltersTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }

View File

@ -134,7 +134,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -159,7 +159,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.logout() .logout()
@ -187,7 +187,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.logout() .logout()
@ -222,7 +222,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -252,7 +252,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.openidLogin() .openidLogin()
@ -289,7 +289,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.rememberMe() .rememberMe()
@ -315,7 +315,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
.exceptionHandling() .exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")) .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()

View File

@ -110,7 +110,7 @@ class ExceptionHandlingConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()
.httpBasic() .httpBasic()

View File

@ -54,7 +54,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
e.message == "role should not start with 'ROLE_' since it is automatically inserted. Got 'ROLE_USER'" e.message == "role should not start with 'ROLE_' since it is automatically inserted. Got 'ROLE_USER'"
} }
def "authorizeUrls() uses AffirmativeBased AccessDecisionManager"() { def "authorizeRequests() uses AffirmativeBased AccessDecisionManager"() {
when: "Load Config with no specific AccessDecisionManager" when: "Load Config with no specific AccessDecisionManager"
loadConfig(NoSpecificAccessDecessionManagerConfig) loadConfig(NoSpecificAccessDecessionManagerConfig)
then: "AccessDecessionManager matches the HttpSecurityBuilder's default" then: "AccessDecessionManager matches the HttpSecurityBuilder's default"
@ -66,17 +66,17 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class NoSpecificAccessDecessionManagerConfig extends WebSecurityConfigurerAdapter { static class NoSpecificAccessDecessionManagerConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
} }
} }
def "authorizeUrls() no requests"() { def "authorizeRequests() no requests"() {
when: "Load Config with no requests" when: "Load Config with no requests"
loadConfig(NoRequestsConfig) loadConfig(NoRequestsConfig)
then: "A meaningful exception is thrown" then: "A meaningful exception is thrown"
BeanCreationException success = thrown() BeanCreationException success = thrown()
success.message.contains "At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())" success.message.contains "At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())"
} }
@EnableWebSecurity @EnableWebSecurity
@ -84,11 +84,11 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class NoRequestsConfig extends WebSecurityConfigurerAdapter { static class NoRequestsConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
} }
} }
def "authorizeUrls() incomplete mapping"() { def "authorizeRequests() incomplete mapping"() {
when: "Load Config with incomplete mapping" when: "Load Config with incomplete mapping"
loadConfig(IncompleteMappingConfig) loadConfig(IncompleteMappingConfig)
then: "A meaningful exception is thrown" then: "A meaningful exception is thrown"
@ -101,13 +101,13 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class IncompleteMappingConfig extends WebSecurityConfigurerAdapter { static class IncompleteMappingConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.antMatchers("/a").authenticated() .antMatchers("/a").authenticated()
.anyRequest() .anyRequest()
} }
} }
def "authorizeUrls() hasAuthority"() { def "authorizeRequests() hasAuthority"() {
setup: setup:
loadConfig(HasAuthorityConfig) loadConfig(HasAuthorityConfig)
when: when:
@ -135,12 +135,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().hasAuthority("ROLE_USER") .anyRequest().hasAuthority("ROLE_USER")
} }
} }
def "authorizeUrls() hasAnyAuthority"() { def "authorizeRequests() hasAnyAuthority"() {
setup: setup:
loadConfig(HasAnyAuthorityConfig) loadConfig(HasAnyAuthorityConfig)
when: when:
@ -174,12 +174,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().hasAnyAuthority("ROLE_ADMIN","ROLE_DBA") .anyRequest().hasAnyAuthority("ROLE_ADMIN","ROLE_DBA")
} }
} }
def "authorizeUrls() hasIpAddress"() { def "authorizeRequests() hasIpAddress"() {
setup: setup:
loadConfig(HasIpAddressConfig) loadConfig(HasIpAddressConfig)
when: when:
@ -202,12 +202,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().hasIpAddress("192.168.1.0") .anyRequest().hasIpAddress("192.168.1.0")
} }
} }
def "authorizeUrls() anonymous"() { def "authorizeRequests() anonymous"() {
setup: setup:
loadConfig(AnonymousConfig) loadConfig(AnonymousConfig)
when: when:
@ -229,12 +229,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().anonymous() .anyRequest().anonymous()
} }
} }
def "authorizeUrls() rememberMe"() { def "authorizeRequests() rememberMe"() {
setup: setup:
loadConfig(RememberMeConfig) loadConfig(RememberMeConfig)
when: when:
@ -258,7 +258,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and() .and()
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().rememberMe() .anyRequest().rememberMe()
} }
@ -271,7 +271,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
} }
} }
def "authorizeUrls() denyAll"() { def "authorizeRequests() denyAll"() {
setup: setup:
loadConfig(DenyAllConfig) loadConfig(DenyAllConfig)
when: when:
@ -293,12 +293,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().denyAll() .anyRequest().denyAll()
} }
} }
def "authorizeUrls() not denyAll"() { def "authorizeRequests() not denyAll"() {
setup: setup:
loadConfig(NotDenyAllConfig) loadConfig(NotDenyAllConfig)
when: when:
@ -320,12 +320,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().not().denyAll() .anyRequest().not().denyAll()
} }
} }
def "authorizeUrls() fullyAuthenticated"() { def "authorizeRequests() fullyAuthenticated"() {
setup: setup:
loadConfig(FullyAuthenticatedConfig) loadConfig(FullyAuthenticatedConfig)
when: when:
@ -355,7 +355,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and() .and()
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().fullyAuthenticated() .anyRequest().fullyAuthenticated()
} }
@ -368,7 +368,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
} }
} }
def "authorizeUrls() access"() { def "authorizeRequests() access"() {
setup: setup:
loadConfig(AccessConfig) loadConfig(AccessConfig)
when: when:
@ -399,7 +399,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and() .and()
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'") .anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'")
} }
@ -430,10 +430,10 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http http
.httpBasic() .httpBasic()
.and() .and()
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()
.authorizeUrls() .authorizeRequests()
} }
@Override @Override

View File

@ -99,7 +99,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -131,7 +131,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -155,7 +155,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -187,7 +187,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()

View File

@ -52,7 +52,7 @@ class Issue55Tests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }
@ -84,7 +84,7 @@ class Issue55Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.antMatcher("/api/**") .antMatcher("/api/**")
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }
@ -93,7 +93,7 @@ class Issue55Tests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }

View File

@ -47,7 +47,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER"); .anyRequest().hasRole("USER");
} }
} }
@ -98,7 +98,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
static class AnonymousKeyConfig extends BaseWebConfig { static class AnonymousKeyConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.anonymous().key("AnonymousKeyConfig") .anonymous().key("AnonymousKeyConfig")
@ -120,7 +120,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
static class AnonymousUsernameConfig extends BaseWebConfig { static class AnonymousUsernameConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.anonymous().principal("AnonymousUsernameConfig") .anonymous().principal("AnonymousUsernameConfig")

View File

@ -76,7 +76,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class HttpBasicConfig extends BaseWebConfig { static class HttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.httpBasic(); .httpBasic();
@ -99,7 +99,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class CustomHttpBasicConfig extends BaseWebConfig { static class CustomHttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.httpBasic().realmName("Custom Realm"); .httpBasic().realmName("Custom Realm");
@ -150,7 +150,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class EntryPointRefHttpBasicConfig extends BaseWebConfig { static class EntryPointRefHttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.httpBasic() .httpBasic()

View File

@ -152,7 +152,7 @@ public class NamespaceHttpCustomFilterTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class) .addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)

View File

@ -47,7 +47,7 @@ public class NamespaceHttpExpressionHandlerTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.expressionHandler(EXPRESSION_HANDLER) .expressionHandler(EXPRESSION_HANDLER)
.antMatchers("/users**","/sessions/**").hasRole("ADMIN") .antMatchers("/users**","/sessions/**").hasRole("ADMIN")
.antMatchers("/signup").permitAll() .antMatchers("/signup").permitAll()

View File

@ -79,7 +79,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()
@ -117,7 +117,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
boolean alwaysUseDefaultSuccess = true; boolean alwaysUseDefaultSuccess = true;
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()

View File

@ -138,7 +138,7 @@ public class NamespaceHttpInterceptUrlTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
// the line below is similar to intercept-url@pattern: // the line below is similar to intercept-url@pattern:
// <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')"/> // <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')"/>
// <intercept-url pattern="/sessions/**" access="hasRole('ROLE_ADMIN')"/> // <intercept-url pattern="/sessions/**" access="hasRole('ROLE_ADMIN')"/>

View File

@ -99,7 +99,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.jee() .jee()
@ -126,7 +126,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.jee() .jee()

View File

@ -78,7 +78,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
static class OpenIDLoginConfig extends BaseWebConfig { static class OpenIDLoginConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.openidLogin() .openidLogin()
@ -129,7 +129,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
static class OpenIDLoginAttributeExchangeConfig extends BaseWebConfig { static class OpenIDLoginAttributeExchangeConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) { protected void configure(HttpSecurity http) {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.openidLogin() .openidLogin()
@ -184,7 +184,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
boolean alwaysUseDefaultSuccess = true; boolean alwaysUseDefaultSuccess = true;
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.openidLogin() .openidLogin()
@ -218,7 +218,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.openidLogin() .openidLogin()

View File

@ -88,7 +88,7 @@ public class NamespaceHttpPortMappingsTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.portMapper() .portMapper()

View File

@ -103,7 +103,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.x509(); .x509();
@ -136,7 +136,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.x509() .x509()
@ -170,7 +170,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.x509() .x509()
@ -204,7 +204,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.x509() .x509()
@ -238,7 +238,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.x509() .x509()

View File

@ -112,7 +112,7 @@ public class NamespaceRememberMeTests extends BaseSpringSpec {
static class RememberMeConfig extends BaseWebConfig { static class RememberMeConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()

View File

@ -46,7 +46,7 @@ class PermitAllSupportTests extends BaseSpringSpec {
loadConfig(NoAuthorizedUrlsConfig) loadConfig(NoAuthorizedUrlsConfig)
then: then:
BeanCreationException e = thrown() BeanCreationException e = thrown()
e.message.contains "permitAll only works with HttpSecurity.authorizeUrls" e.message.contains "permitAll only works with HttpSecurity.authorizeRequests"
} }

View File

@ -45,7 +45,7 @@ public class RememberMeConfigurerTests extends BaseSpringSpec {
static class NullUserDetailsConfig extends WebSecurityConfigurerAdapter { static class NullUserDetailsConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().hasRole("USER") .anyRequest().hasRole("USER")
.and() .and()
.formLogin() .formLogin()

View File

@ -76,7 +76,7 @@ class OpenIDLoginConfigurerTests extends BaseSpringSpec {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http
.authorizeUrls() .authorizeRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()
.openidLogin() .openidLogin()