GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-2202: http.authorizeUrls() to http.authorizeRequests() 

This change is more meaningful since the requests can be matched on
anything not just the URL
pull/38/head
Rob Winch 13 years ago
parent
e1d8db4e95
commit
a39ff1b041
32 changed files with 119 additions and 119 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 44
      config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
  2. 2
      config/src/main/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurity.java
  3. 4
      config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
  4. 6
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
  5. 2
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupport.java
  6. 2
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
  7. 6
      config/src/test/groovy/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.groovy
  8. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTestsConfigs.java
  9. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.groovy
  10. 10
      config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy
  11. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.groovy
  12. 16
      config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy
  13. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.groovy
  14. 14
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy
  15. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.groovy
  16. 54
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationsTests.groovy
  17. 8
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.groovy
  18. 6
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy
  19. 6
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.groovy
  20. 6
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.groovy
  21. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.groovy
  22. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.groovy
  23. 4
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.groovy
  24. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.groovy
  25. 4
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.groovy
  26. 8
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.groovy
  27. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.groovy
  28. 10
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.groovy
  29. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy
  30. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.groovy
  31. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.groovy
  32. 2
      config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurerTests.groovy

44
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
Unescape View File

@ -88,7 +88,7 @@ import org.springframework.util.Assert; @@ -88,7 +88,7 @@ import org.springframework.util.Assert;
* @Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers("/**").hasRole("USER")
* .and()
* .formLogin();
@ -148,7 +148,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -148,7 +148,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .openidLogin()
@ -180,7 +180,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -180,7 +180,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .openidLogin()
@ -259,7 +259,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -259,7 +259,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .anyRequest().hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -330,7 +330,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -330,7 +330,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -379,7 +379,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -379,7 +379,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* // Example jee() configuration
@ -454,7 +454,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -454,7 +454,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* // Example x509() configuration
@ -497,7 +497,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -497,7 +497,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -534,7 +534,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -534,7 +534,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin();
@ -568,7 +568,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -568,7 +568,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
@ -596,7 +596,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -596,7 +596,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
*
* <pre>
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .antMatchers(&quot;/admin/**&quot;).hasRole(&quot;ADMIN&quot;)
* </pre>
@ -606,7 +606,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -606,7 +606,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @return
* @throws Exception
*/
public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeUrls() throws Exception {
public ExpressionUrlAuthorizationConfigurer<HttpSecurity> authorizeRequests() throws Exception {
return getOrApply(new ExpressionUrlAuthorizationConfigurer<HttpSecurity>());
}
@ -681,7 +681,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -681,7 +681,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -733,7 +733,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -733,7 +733,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -766,7 +766,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -766,7 +766,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -815,7 +815,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -815,7 +815,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin();
@ -843,7 +843,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -843,7 +843,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -894,7 +894,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -894,7 +894,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .formLogin()
@ -941,7 +941,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -941,7 +941,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic();
* }
@ -1061,7 +1061,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -1061,7 +1061,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .requestMatchers()
* .antMatchers("/api/**","/oauth/**")
* .and()
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic();
* }
@ -1092,7 +1092,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -1092,7 +1092,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .antMatchers("/api/**")
* .antMatchers("/oauth/**")
* .and()
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic();
* }
@ -1125,7 +1125,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul @@ -1125,7 +1125,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* .requestMatchers()
* .antMatchers("/oauth/**")
* .and()
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;).and()
* .httpBasic();
* }

2
config/src/main/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurity.java
Unescape View File

@ -45,7 +45,7 @@ import org.springframework.security.config.annotation.web.WebSecurityConfigurer; @@ -45,7 +45,7 @@ import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
* &#064;Override
* protected void configure(HttpSecurity http) throws Exception {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers("/public/**").permitAll()
* .anyRequest().hasRole("USER")
* .and()

4
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
Unescape View File

@ -282,7 +282,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer @@ -282,7 +282,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
*
* <pre>
* http
* .authorizeUrls()
* .authorizeRequests()
* .anyRequest().authenticated().and()
* .formLogin().and()
* .httpBasic();
@ -297,7 +297,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer @@ -297,7 +297,7 @@ public abstract class WebSecurityConfigurerAdapter implements SecurityConfigurer
logger.debug("Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin().and()

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
Unescape View File

@ -65,7 +65,7 @@ import org.springframework.util.StringUtils; @@ -65,7 +65,7 @@ import org.springframework.util.StringUtils;
*
* @author Rob Winch
* @since 3.2
* @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeUrls()}
* @see {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeRequests()}
*/
public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractInterceptUrlConfigurer<H,ExpressionUrlAuthorizationConfigurer<H>,ExpressionUrlAuthorizationConfigurer<H>.AuthorizedUrl> {
static final String permitAll = "permitAll";
@ -79,7 +79,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu @@ -79,7 +79,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
/**
* Creates a new instance
* @see HttpSecurity#authorizeUrls()
* @see HttpSecurity#authorizeRequests()
*/
public ExpressionUrlAuthorizationConfigurer() {
}
@ -114,7 +114,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu @@ -114,7 +114,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
final ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource() {
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = createRequestMap();
if(requestMap.isEmpty()) {
throw new IllegalStateException("At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())");
throw new IllegalStateException("At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())");
}
return new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, expressionHandler);
}

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupport.java
Unescape View File

@ -36,7 +36,7 @@ final class PermitAllSupport { @@ -36,7 +36,7 @@ final class PermitAllSupport {
ExpressionUrlAuthorizationConfigurer<?> configurer = http.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
if(configurer == null) {
throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeUrls()");
throw new IllegalStateException("permitAll only works with HttpSecurity.authorizeRequests()");
}
for(String url : urls) {

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurer.java
Unescape View File

@ -64,7 +64,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi @@ -64,7 +64,7 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageViewFi
* &#064;Override
* protected void configure(HttpSecurity http) {
* http
* .authorizeUrls()
* .authorizeRequests()
* .antMatchers(&quot;/**&quot;).hasRole(&quot;USER&quot;)
* .and()
* .openidLogin()

6
config/src/test/groovy/org/springframework/security/config/annotation/web/SampleWebSecurityConfigurerAdapterTests.groovy
Unescape View File

@ -169,7 +169,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe @@ -169,7 +169,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.antMatchers("/signup","/about").permitAll()
.anyRequest().hasRole("USER")
.and()
@ -290,7 +290,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe @@ -290,7 +290,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**")
.authorizeUrls()
.authorizeRequests()
.antMatchers("/api/admin/**").hasRole("ADMIN")
.antMatchers("/api/**").hasRole("USER")
.and()
@ -310,7 +310,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe @@ -310,7 +310,7 @@ public class SampleWebSecurityConfigurerAdapterTests extends BaseWebSpecuritySpe
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.antMatchers("/signup","/about").permitAll()
.anyRequest().hasRole("USER")
.and()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterTestsConfigs.java
Unescape View File

@ -42,7 +42,7 @@ public class WebSecurityConfigurerAdapterTestsConfigs { @@ -42,7 +42,7 @@ public class WebSecurityConfigurerAdapterTestsConfigs {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role1/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("1");
}

2
config/src/test/groovy/org/springframework/security/config/annotation/web/builders/HttpConfigurationTests.groovy
Unescape View File

@ -113,7 +113,7 @@ public class HttpSecurityTests extends BaseSpringSpec { @@ -113,7 +113,7 @@ public class HttpSecurityTests extends BaseSpringSpec {
.antMatchers("/api/**")
.antMatchers("/oauth/**")
.and()
.authorizeUrls()
.authorizeRequests()
.antMatchers("/**").hasRole("USER")
.and()
.httpBasic()

10
config/src/test/groovy/org/springframework/security/config/annotation/web/builders/NamespaceHttpTests.groovy
Unescape View File

@ -77,7 +77,7 @@ public class NamespaceHttpTests extends BaseSpringSpec { @@ -77,7 +77,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().permitAll()
.accessDecisionManager(ACCESS_DECISION_MGR)
}
@ -118,7 +118,7 @@ public class NamespaceHttpTests extends BaseSpringSpec { @@ -118,7 +118,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
@ -301,7 +301,7 @@ public class NamespaceHttpTests extends BaseSpringSpec { @@ -301,7 +301,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}
@ -318,7 +318,7 @@ public class NamespaceHttpTests extends BaseSpringSpec { @@ -318,7 +318,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.
authorizeUrls()
authorizeRequests()
.filterSecurityInterceptorOncePerRequest(false)
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
.antMatchers("/signup").permitAll()
@ -482,7 +482,7 @@ public class NamespaceHttpTests extends BaseSpringSpec { @@ -482,7 +482,7 @@ public class NamespaceHttpTests extends BaseSpringSpec {
static class UseExpressionsConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.antMatchers("/users**","/sessions/**").hasRole("USER")
.antMatchers("/signup").permitAll()
.anyRequest().hasRole("USER")

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.groovy
Unescape View File

@ -62,7 +62,7 @@ class EnableWebSecurityTests extends BaseSpringSpec { @@ -62,7 +62,7 @@ class EnableWebSecurityTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.antMatchers("/*").hasRole("USER")
.and()
.formLogin();

16
config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy
Unescape View File

@ -87,7 +87,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -87,7 +87,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role1/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("1");
}
}
@ -99,7 +99,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -99,7 +99,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role2/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("2");
}
}
@ -111,7 +111,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -111,7 +111,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role3/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("3");
}
}
@ -122,7 +122,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -122,7 +122,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("4");
}
}
@ -155,7 +155,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -155,7 +155,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role1/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("1");
}
}
@ -166,7 +166,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -166,7 +166,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/role2/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("2");
}
}
@ -232,7 +232,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -232,7 +232,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
}
}
@ -253,7 +253,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec { @@ -253,7 +253,7 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
}
}

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultFiltersTests.groovy
Unescape View File

@ -130,7 +130,7 @@ class DefaultFiltersTests extends BaseSpringSpec { @@ -130,7 +130,7 @@ class DefaultFiltersTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}

14
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy
Unescape View File

@ -134,7 +134,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -134,7 +134,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -159,7 +159,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -159,7 +159,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.logout()
@ -187,7 +187,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -187,7 +187,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.logout()
@ -222,7 +222,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -222,7 +222,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -252,7 +252,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -252,7 +252,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.openidLogin()
@ -289,7 +289,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -289,7 +289,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.rememberMe()
@ -315,7 +315,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { @@ -315,7 +315,7 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec {
.exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExceptionHandlingConfigurerTests.groovy
Unescape View File

@ -110,7 +110,7 @@ class ExceptionHandlingConfigurerTests extends BaseSpringSpec { @@ -110,7 +110,7 @@ class ExceptionHandlingConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()

54
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationsTests.groovy
Unescape View File

@ -54,7 +54,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -54,7 +54,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
e.message == "role should not start with 'ROLE_' since it is automatically inserted. Got 'ROLE_USER'"
}
def "authorizeUrls() uses AffirmativeBased AccessDecisionManager"() {
def "authorizeRequests() uses AffirmativeBased AccessDecisionManager"() {
when: "Load Config with no specific AccessDecisionManager"
loadConfig(NoSpecificAccessDecessionManagerConfig)
then: "AccessDecessionManager matches the HttpSecurityBuilder's default"
@ -66,17 +66,17 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -66,17 +66,17 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class NoSpecificAccessDecessionManagerConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
}
}
def "authorizeUrls() no requests"() {
def "authorizeRequests() no requests"() {
when: "Load Config with no requests"
loadConfig(NoRequestsConfig)
then: "A meaningful exception is thrown"
BeanCreationException success = thrown()
success.message.contains "At least one mapping is required (i.e. authorizeUrls().anyRequest.authenticated())"
success.message.contains "At least one mapping is required (i.e. authorizeRequests().anyRequest.authenticated())"
}
@EnableWebSecurity
@ -84,11 +84,11 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -84,11 +84,11 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class NoRequestsConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
}
}
def "authorizeUrls() incomplete mapping"() {
def "authorizeRequests() incomplete mapping"() {
when: "Load Config with incomplete mapping"
loadConfig(IncompleteMappingConfig)
then: "A meaningful exception is thrown"
@ -101,13 +101,13 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -101,13 +101,13 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
static class IncompleteMappingConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.antMatchers("/a").authenticated()
.anyRequest()
}
}
def "authorizeUrls() hasAuthority"() {
def "authorizeRequests() hasAuthority"() {
setup:
loadConfig(HasAuthorityConfig)
when:
@ -135,12 +135,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -135,12 +135,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasAuthority("ROLE_USER")
}
}
def "authorizeUrls() hasAnyAuthority"() {
def "authorizeRequests() hasAnyAuthority"() {
setup:
loadConfig(HasAnyAuthorityConfig)
when:
@ -174,12 +174,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -174,12 +174,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasAnyAuthority("ROLE_ADMIN","ROLE_DBA")
}
}
def "authorizeUrls() hasIpAddress"() {
def "authorizeRequests() hasIpAddress"() {
setup:
loadConfig(HasIpAddressConfig)
when:
@ -202,12 +202,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -202,12 +202,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasIpAddress("192.168.1.0")
}
}
def "authorizeUrls() anonymous"() {
def "authorizeRequests() anonymous"() {
setup:
loadConfig(AnonymousConfig)
when:
@ -229,12 +229,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -229,12 +229,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().anonymous()
}
}
def "authorizeUrls() rememberMe"() {
def "authorizeRequests() rememberMe"() {
setup:
loadConfig(RememberMeConfig)
when:
@ -258,7 +258,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -258,7 +258,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and()
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().rememberMe()
}
@ -271,7 +271,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -271,7 +271,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
}
}
def "authorizeUrls() denyAll"() {
def "authorizeRequests() denyAll"() {
setup:
loadConfig(DenyAllConfig)
when:
@ -293,12 +293,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -293,12 +293,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().denyAll()
}
}
def "authorizeUrls() not denyAll"() {
def "authorizeRequests() not denyAll"() {
setup:
loadConfig(NotDenyAllConfig)
when:
@ -320,12 +320,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -320,12 +320,12 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().not().denyAll()
}
}
def "authorizeUrls() fullyAuthenticated"() {
def "authorizeRequests() fullyAuthenticated"() {
setup:
loadConfig(FullyAuthenticatedConfig)
when:
@ -355,7 +355,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -355,7 +355,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and()
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().fullyAuthenticated()
}
@ -368,7 +368,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -368,7 +368,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
}
}
def "authorizeUrls() access"() {
def "authorizeRequests() access"() {
setup:
loadConfig(AccessConfig)
when:
@ -399,7 +399,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -399,7 +399,7 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
.and()
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().access("hasRole('ROLE_USER') or request.method == 'GET'")
}
@ -430,10 +430,10 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec { @@ -430,10 +430,10 @@ public class ExpressionUrlAuthorizationConfigurerTests extends BaseSpringSpec {
http
.httpBasic()
.and()
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.authorizeUrls()
.authorizeRequests()
}
@Override

8
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurerTests.groovy
Unescape View File

@ -99,7 +99,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec { @@ -99,7 +99,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -131,7 +131,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec { @@ -131,7 +131,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -155,7 +155,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec { @@ -155,7 +155,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -187,7 +187,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec { @@ -187,7 +187,7 @@ class FormLoginConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()

6
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/Issue55Tests.groovy
Unescape View File

@ -52,7 +52,7 @@ class Issue55Tests extends BaseSpringSpec { @@ -52,7 +52,7 @@ class Issue55Tests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}
@ -84,7 +84,7 @@ class Issue55Tests extends BaseSpringSpec { @@ -84,7 +84,7 @@ class Issue55Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**")
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}
@ -93,7 +93,7 @@ class Issue55Tests extends BaseSpringSpec { @@ -93,7 +93,7 @@ class Issue55Tests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}

6
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAnonymousTests.groovy
Unescape View File

@ -47,7 +47,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec { @@ -47,7 +47,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER");
}
}
@ -98,7 +98,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec { @@ -98,7 +98,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
static class AnonymousKeyConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.anonymous().key("AnonymousKeyConfig")
@ -120,7 +120,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec { @@ -120,7 +120,7 @@ public class NamespaceHttpAnonymousTests extends BaseSpringSpec {
static class AnonymousUsernameConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.anonymous().principal("AnonymousUsernameConfig")

6
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpBasicTests.groovy
Unescape View File

@ -76,7 +76,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec { @@ -76,7 +76,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class HttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.httpBasic();
@ -99,7 +99,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec { @@ -99,7 +99,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class CustomHttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.httpBasic().realmName("Custom Realm");
@ -150,7 +150,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec { @@ -150,7 +150,7 @@ public class NamespaceHttpBasicTests extends BaseSpringSpec {
static class EntryPointRefHttpBasicConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.httpBasic()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpCustomFilterTests.groovy
Unescape View File

@ -152,7 +152,7 @@ public class NamespaceHttpCustomFilterTests extends BaseSpringSpec { @@ -152,7 +152,7 @@ public class NamespaceHttpCustomFilterTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.addFilterBefore(new CustomFilter(), UsernamePasswordAuthenticationFilter.class)

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpExpressionHandlerTests.groovy
Unescape View File

@ -47,7 +47,7 @@ public class NamespaceHttpExpressionHandlerTests extends BaseSpringSpec { @@ -47,7 +47,7 @@ public class NamespaceHttpExpressionHandlerTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.expressionHandler(EXPRESSION_HANDLER)
.antMatchers("/users**","/sessions/**").hasRole("ADMIN")
.antMatchers("/signup").permitAll()

4
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpFormLoginTests.groovy
Unescape View File

@ -79,7 +79,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec { @@ -79,7 +79,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()
@ -117,7 +117,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec { @@ -117,7 +117,7 @@ public class NamespaceHttpFormLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
boolean alwaysUseDefaultSuccess = true;
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpInterceptUrlTests.groovy
Unescape View File

@ -138,7 +138,7 @@ public class NamespaceHttpInterceptUrlTests extends BaseSpringSpec { @@ -138,7 +138,7 @@ public class NamespaceHttpInterceptUrlTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
// the line below is similar to intercept-url@pattern:
// <intercept-url pattern="/users**" access="hasRole('ROLE_ADMIN')"/>
// <intercept-url pattern="/sessions/**" access="hasRole('ROLE_ADMIN')"/>

4
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpJeeTests.groovy
Unescape View File

@ -99,7 +99,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec { @@ -99,7 +99,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.jee()
@ -126,7 +126,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec { @@ -126,7 +126,7 @@ public class NamespaceHttpJeeTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.jee()

8
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpOpenIDLoginTests.groovy
Unescape View File

@ -78,7 +78,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec { @@ -78,7 +78,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
static class OpenIDLoginConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.openidLogin()
@ -129,7 +129,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec { @@ -129,7 +129,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
static class OpenIDLoginAttributeExchangeConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.openidLogin()
@ -184,7 +184,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec { @@ -184,7 +184,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
boolean alwaysUseDefaultSuccess = true;
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.openidLogin()
@ -218,7 +218,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec { @@ -218,7 +218,7 @@ public class NamespaceHttpOpenIDLoginTests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.openidLogin()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpPortMappingsTests.groovy
Unescape View File

@ -88,7 +88,7 @@ public class NamespaceHttpPortMappingsTests extends BaseSpringSpec { @@ -88,7 +88,7 @@ public class NamespaceHttpPortMappingsTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.portMapper()

10
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpX509Tests.groovy
Unescape View File

@ -103,7 +103,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec { @@ -103,7 +103,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.x509();
@ -136,7 +136,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec { @@ -136,7 +136,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.x509()
@ -170,7 +170,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec { @@ -170,7 +170,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.x509()
@ -204,7 +204,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec { @@ -204,7 +204,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.x509()
@ -238,7 +238,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec { @@ -238,7 +238,7 @@ public class NamespaceHttpX509Tests extends BaseSpringSpec {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.x509()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceRememberMeTests.groovy
Unescape View File

@ -112,7 +112,7 @@ public class NamespaceRememberMeTests extends BaseSpringSpec { @@ -112,7 +112,7 @@ public class NamespaceRememberMeTests extends BaseSpringSpec {
static class RememberMeConfig extends BaseWebConfig {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/PermitAllSupportTests.groovy
Unescape View File

@ -46,7 +46,7 @@ class PermitAllSupportTests extends BaseSpringSpec { @@ -46,7 +46,7 @@ class PermitAllSupportTests extends BaseSpringSpec {
loadConfig(NoAuthorizedUrlsConfig)
then:
BeanCreationException e = thrown()
e.message.contains "permitAll only works with HttpSecurity.authorizeUrls"
e.message.contains "permitAll only works with HttpSecurity.authorizeRequests"
}

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurerTests.groovy
Unescape View File

@ -45,7 +45,7 @@ public class RememberMeConfigurerTests extends BaseSpringSpec { @@ -45,7 +45,7 @@ public class RememberMeConfigurerTests extends BaseSpringSpec {
static class NullUserDetailsConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().hasRole("USER")
.and()
.formLogin()

2
config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/openid/OpenIDLoginConfigurerTests.groovy
Unescape View File

@ -76,7 +76,7 @@ class OpenIDLoginConfigurerTests extends BaseSpringSpec { @@ -76,7 +76,7 @@ class OpenIDLoginConfigurerTests extends BaseSpringSpec {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeUrls()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.openidLogin()

Write Preview
Loading…
Cancel
Save