Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix typo in the 'Authorizing Requests' example 

The example request matcher listed "/resources/**", while the explanation (3) used "/static/" instead.
This commit is contained in:
aaron-to-go 2023-11-19 13:32:49 +01:00 committed by Marcus Hert Da Coregio
parent ba851266c5
commit d99e98515c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
View File

@ -749,7 +749,7 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
Each rule is considered in the order they were declared.
<2> Dispatches `FORWARD` and `ERROR` are permitted to allow {spring-framework-reference-url}web.html#spring-web[Spring MVC] to render views and Spring Boot to render errors
<3> We specified multiple URL patterns that any user can access.
Specifically, any user can access a request if the URL starts with "/resources/", equals "/signup", or equals "/about".
Specifically, any user can access a request if the URL starts with "/static/", equals "/signup", or equals "/about".
<4> Any URL that starts with "/admin/" will be restricted to users who have the role "ROLE_ADMIN".
You will notice that since we are invoking the `hasRole` method we do not need to specify the "ROLE_" prefix.
<5> Any URL that starts with "/db/" requires the user to have both been granted the "db" permission as well as be a "ROLE_ADMIN".