From 6f3a1fe1cd99b06e4ba1af34ae9a71c1526373f5 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com> Date: Fri, 29 Dec 2023 10:55:42 -0600 Subject: [PATCH] Polish kotlin.adoc Issue gh-14384 --- .../pages/servlet/configuration/kotlin.adoc | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc b/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc index 6efd657cff..8abfbbfbc4 100644 --- a/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc +++ b/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc @@ -1,6 +1,7 @@ [[kotlin-config]] = Kotlin Configuration + Spring Security Kotlin configuration has been available since Spring Security 5.3. It lets users configure Spring Security by using a native Kotlin DSL. @@ -23,19 +24,19 @@ import org.springframework.security.config.annotation.web.invoke @Bean open fun filterChain(http: HttpSecurity): SecurityFilterChain { - http { + http { authorizeHttpRequests { authorize(anyRequest, authenticated) } - formLogin { } - httpBasic { } + formLogin { } + httpBasic { } } return http.build() } ---- [NOTE] -Make sure that import the `invoke` function in your class, sometimes the IDE will not auto-import it causing compilation issues. +Make sure to import the `invoke` function in your class, as the IDE will not always auto-import the method, causing compilation issues. The default configuration (shown in the preceding listing): @@ -43,7 +44,7 @@ The default configuration (shown in the preceding listing): * Lets users authenticate with form-based login * Lets users authenticate with HTTP Basic authentication -Note that this configuration is parallels the XML namespace configuration: +Note that this configuration parallels the XML namespace configuration: [source,xml] ---- @@ -58,13 +59,13 @@ Note that this configuration is parallels the XML namespace configuration: We can configure multiple `HttpSecurity` instances, just as we can have multiple `` blocks. The key is to register multiple `SecurityFilterChain` ``@Bean``s. -The following example has a different configuration for URL's that start with `/api/`: +The following example has a different configuration for URLs that start with `/api/`: [source,kotlin] ---- -@Configuration import org.springframework.security.config.annotation.web.invoke +@Configuration @EnableWebSecurity class MultiHttpSecurityConfig { @Bean <1> @@ -104,7 +105,7 @@ class MultiHttpSecurityConfig { <1> Configure Authentication as usual. <2> Create an instance of `SecurityFilterChain` that contains `@Order` to specify which `SecurityFilterChain` should be considered first. -<3> The `http.antMatcher` states that this `HttpSecurity` is applicable only to URLs that start with `/api/` +<3> The `http.securityMatcher` states that this `HttpSecurity` is applicable only to URLs that start with `/api/` <4> Create another instance of `SecurityFilterChain`. If the URL does not start with `/api/`, this configuration is used. This configuration is considered after `apiFilterChain`, since it has an `@Order` value after `1` (no `@Order` defaults to last).