diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java b/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java index c09990e9ea..169815dbce 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java @@ -434,7 +434,7 @@ public abstract class AbstractRequestMatcherRegistry { } } - private String computeErrorMessage(Collection registrations) { + private static String computeErrorMessage(Collection registrations) { String template = "This method cannot decide whether these patterns are Spring MVC patterns or not. " + "If this endpoint is a Spring MVC endpoint, please use requestMatchers(MvcRequestMatcher); " + "otherwise, please use requestMatchers(AntPathRequestMatcher).\n\n" @@ -628,7 +628,7 @@ public abstract class AbstractRequestMatcherRegistry { public boolean matches(HttpServletRequest request) { String name = request.getHttpServletMapping().getServletName(); ServletRegistration registration = this.servletContext.getServletRegistration(name); - Assert.notNull(name, "Failed to find servlet [" + name + "] in the servlet context"); + Assert.notNull(registration, computeErrorMessage(this.servletContext.getServletRegistrations().values())); try { Class clazz = Class.forName(registration.getClassName()); return DispatcherServlet.class.isAssignableFrom(clazz); @@ -670,18 +670,12 @@ public abstract class AbstractRequestMatcherRegistry { @Override public boolean matches(HttpServletRequest request) { - if (this.dispatcherServlet.matches(request)) { - return this.mvc.matches(request); - } - return this.ant.matches(request); + return requestMatcher(request).matches(request); } @Override public MatchResult matcher(HttpServletRequest request) { - if (this.dispatcherServlet.matches(request)) { - return this.mvc.matcher(request); - } - return this.ant.matcher(request); + return requestMatcher(request).matcher(request); } @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java index efa51cbc20..b836c2c737 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java @@ -400,6 +400,19 @@ public class AbstractRequestMatcherRegistryTests { verifyNoMoreInteractions(mvc); } + @Test + public void matchesWhenNoMappingThenException() { + MockServletContext servletContext = new MockServletContext(); + servletContext.addServlet("default", DispatcherServlet.class).addMapping("/"); + servletContext.addServlet("path", Servlet.class).addMapping("/services/*"); + MvcRequestMatcher mvc = mock(MvcRequestMatcher.class); + AntPathRequestMatcher ant = mock(AntPathRequestMatcher.class); + DispatcherServletDelegatingRequestMatcher requestMatcher = new DispatcherServletDelegatingRequestMatcher(ant, + mvc, servletContext); + MockHttpServletRequest request = new MockHttpServletRequest("GET", "/services/endpoint"); + assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> requestMatcher.matcher(request)); + } + private void mockMvcIntrospector(boolean isPresent) { ApplicationContext context = this.matcherRegistry.getApplicationContext(); given(context.containsBean("mvcHandlerMappingIntrospector")).willReturn(isPresent);