Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add servletPath support to AuthorizeHttpRequests #13857

Merged
merged 2 commits into from
Oct 12, 2023
Merged

Add servletPath support to AuthorizeHttpRequests #13857

merged 2 commits into from
Oct 12, 2023

Conversation

jzheaux
Copy link
Contributor

@jzheaux jzheaux commented Sep 23, 2023
edited
Loading

This PR extracts the logic AuthorizeHttpRequestsConfigurer uses to generate RequestMatcher instances, simplifying how AntPathRequestMatcher and MvcRequestMatcher instances are generated.

It exposes this through the forServletPattern DSL method.

Closes gh-13562

@rishiraj88
Copy link
Contributor

Thanks, @jzheaux .

@jzheaux jzheaux self-assigned this Sep 26, 2023
sjohnr
sjohnr reviewed Sep 26, 2023
View reviewed changes
Copy link
Member

@sjohnr sjohnr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the work so far @jzheaux! As mentioned below, I particularly like the separation between creating RequestMatcherBuilder through a factory and use of that interface for creating RequestMatcher instances. I'm not sure if we could improve on the contract needing an ApplicationContext at this point, but will ponder it some more.

...rg/springframework/security/config/web/util/matcher/ServletRequestMatcherBuilderFactory.java Outdated Show resolved Hide resolved
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc Outdated Show resolved Hide resolved
...c/main/java/org/springframework/security/config/web/util/matcher/RequestMatcherBuilders.java Outdated Show resolved Hide resolved
...rg/springframework/security/config/web/util/matcher/ServletRequestMatcherBuilderFactory.java Outdated Show resolved Hide resolved
...c/main/java/org/springframework/security/config/web/util/matcher/RequestMatcherBuilders.java Outdated Show resolved Hide resolved
marcusdacoregio
marcusdacoregio reviewed Sep 27, 2023
View reviewed changes
Copy link
Contributor

@marcusdacoregio marcusdacoregio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, Josh. I've left some feedback inline.

...c/main/java/org/springframework/security/config/web/util/matcher/RequestMatcherBuilders.java Outdated Show resolved Hide resolved
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc Outdated Show resolved Hide resolved
docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc Outdated Show resolved Hide resolved
.../java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java Outdated Show resolved Hide resolved
...c/main/java/org/springframework/security/config/web/util/matcher/RequestMatcherBuilders.java Outdated Show resolved Hide resolved
@jzheaux jzheaux force-pushed the gh-13562 branch 3 times, most recently from 45f2a18 to 678fd07 Compare September 30, 2023 00:15
@jzheaux jzheaux changed the title Add RequestMatcherBuilder Add servletPath support to AuthorizeHttpRequests Oct 3, 2023
@jzheaux jzheaux added in: config An issue in spring-security-config type: enhancement A general enhancement labels Oct 12, 2023
@jzheaux jzheaux added this to the 6.2.0-RC1 milestone Oct 12, 2023
@jzheaux jzheaux force-pushed the gh-13562 branch 2 times, most recently from 9cf81e7 to 795c382 Compare October 12, 2023 05:42
@jzheaux jzheaux merged commit 8f829dd into spring-projects:main Oct 12, 2023
1 check passed
@jzheaux
Copy link
Contributor Author

jzheaux commented Nov 17, 2023

Note that while this indeed was merged and released in an RC phase, it was removed for GA in 4131a38 due to #13794. We'll take just a bit more time to ensure what we are doing is the right thing here.

@jzheaux jzheaux mentioned this pull request Nov 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcusdacoregio marcusdacoregio marcusdacoregio left review comments

@sjohnr sjohnr sjohnr left review comments

Assignees

@jzheaux jzheaux

Labels
in: config An issue in spring-security-config type: enhancement A general enhancement
Projects
Spring Security Team
Status: Done
Milestone
6.2.0-RC1
Development

Successfully merging this pull request may close these issues.

Simplify MvcRequestMatcher construction
4 participants
@jzheaux @rishiraj88 @sjohnr @marcusdacoregio