From bb3a973fcb7fb9c0289da34567d55c3645564a66 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Sat, 11 Dec 2010 20:29:30 +0000
Subject: [PATCH] SEC-1636: Add optimizations for universal match cases in
 AntUrlPathMatcher (using "/**" and "**" equality checks on the path).

---
 .../security/web/util/AntUrlPathMatcher.java             | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/web/src/main/java/org/springframework/security/web/util/AntUrlPathMatcher.java b/web/src/main/java/org/springframework/security/web/util/AntUrlPathMatcher.java
index f0fbadf0b1..9c719f9a64 100644
--- a/web/src/main/java/org/springframework/security/web/util/AntUrlPathMatcher.java
+++ b/web/src/main/java/org/springframework/security/web/util/AntUrlPathMatcher.java
@@ -5,6 +5,12 @@ import org.springframework.util.AntPathMatcher;
 
 /**
  * Ant path strategy for URL matching.
+ * <p>
+ * If the path consists of the pattern {@code /**} or {@code **}, it is treated as a universal
+ * match, which wil match any URL.
+ * <p>
+ * For all other cases, Spring's {@code AntPathMatcher} is used to perform the check for a match. See the Spring
+ * documentation for this class for more information on the syntax details.
  *
  * @author Luke Taylor
  */
@@ -33,6 +39,9 @@ public class AntUrlPathMatcher implements UrlMatcher {
     }
 
     public boolean pathMatchesUrl(Object path, String url) {
+        if ("/**".equals(path) || "**".equals(path)) {
+            return true;
+        }
         return pathMatcher.match((String)path, url);
     }