GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Typo: Update authorize-http-requests.adoc 

'patters' -> 'pattern'
-----
'db' -> "db",
'ADMIN' -> "ADMIN"
They should be string type
-----
There is no semicolon. I added it.
-----
There is no semicolon at the end of the sentence. So I added
pull/14582/head
Habin Song 2 years ago committed by Marcus Hert Da Coregio
parent
7f58a275ae
commit
fd1db06efd
1 changed files with 5 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc

10
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
Unescape View File

@ -258,7 +258,7 @@ void endpointWhenNotUserAuthorityThenForbidden() { @@ -258,7 +258,7 @@ void endpointWhenNotUserAuthorityThenForbidden() {
@Test
void anyWhenUnauthenticatedThenUnauthorized() {
this.mvc.perform(get("/any"))
.andExpect(status().isUnauthorized())
.andExpect(status().isUnauthorized());
}
----
======
@ -387,7 +387,7 @@ void endpointWhenNotUserAuthorityThenForbidden() { @@ -387,7 +387,7 @@ void endpointWhenNotUserAuthorityThenForbidden() {
@Test
void anyWhenUnauthenticatedThenUnauthorized() {
this.mvc.perform(get("/any"))
.andExpect(status().isUnauthorized())
.andExpect(status().isUnauthorized());
}
----
======
@ -521,7 +521,7 @@ void getWhenNoReadAuthorityThenForbidden() { @@ -521,7 +521,7 @@ void getWhenNoReadAuthorityThenForbidden() {
@Test
void postWhenWriteAuthorityThenAuthorized() {
this.mvc.perform(post("/any").with(csrf()))
.andExpect(status().isOk())
.andExpect(status().isOk());
}
@WithMockUser(authorities="read")
@ -737,7 +737,7 @@ SecurityFilterChain web(HttpSecurity http) throws Exception { @@ -737,7 +737,7 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
.dispatcherTypeMatchers(FORWARD, ERROR).permitAll() // <2>
.requestMatchers("/static/**", "/signup", "/about").permitAll() // <3>
.requestMatchers("/admin/**").hasRole("ADMIN") // <4>
.requestMatchers("/db/**").access(allOf(hasAuthority('db'), hasRole('ADMIN'))) // <5>
.requestMatchers("/db/**").access(allOf(hasAuthority("db"), hasRole("ADMIN"))) // <5>
.anyRequest().denyAll() // <6>
);
@ -805,7 +805,7 @@ Xml:: @@ -805,7 +805,7 @@ Xml::
</http>
----
======
<1> We specified a URL patters that any user can access.
<1> We specified a URL pattern that any user can access.
Specifically, any user can access a request if the URL starts with "/static/".
<2> Any URL that starts with "/admin/" will be restricted to users who have the role "ROLE_ADMIN".
You will notice that since we are invoking the `hasRole` method we do not need to specify the "ROLE_" prefix.

Write Preview
Loading…
Cancel
Save