* Path Matcher

* Security Config
codecentric · Oct 28, 2022 · bc111ca · bc111ca
1 parent c540e94
commit bc111ca
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 17 deletions.
diff --git a/...mple-consul/src/main/java/de/codecentric/boot/admin/SpringBootAdminConsulApplication.java b/...mple-consul/src/main/java/de/codecentric/boot/admin/SpringBootAdminConsulApplication.java
@@ -85,8 +85,8 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			successHandler.setDefaultTargetUrl(this.adminContextPath + "/");
 
 			http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-					.requestMatchers(this.adminContextPath + "/assets/**").permitAll()
-					.requestMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
+					.requestMatchers(new AntPathRequestMatcher(this.adminContextPath + "/assets/**")).permitAll()
+					.requestMatchers(new AntPathRequestMatcher(this.adminContextPath + "/login")).permitAll().anyRequest().authenticated())
 					.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
 							.successHandler(successHandler))
 					.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))

diff --git a/...mple-eureka/src/main/java/de/codecentric/boot/admin/SpringBootAdminEurekaApplication.java b/...mple-eureka/src/main/java/de/codecentric/boot/admin/SpringBootAdminEurekaApplication.java
@@ -86,8 +86,8 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			successHandler.setDefaultTargetUrl(this.adminContextPath + "/");
 
 			http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-					.requestMatchers(this.adminContextPath + "/assets/**").permitAll()
-					.requestMatchers(this.adminContextPath + "/login").permitAll().anyRequest().authenticated())
+					.requestMatchers(new AntPathRequestMatcher(this.adminContextPath + "/assets/**")).permitAll()
+					.requestMatchers(new AntPathRequestMatcher(this.adminContextPath + "/login")).permitAll().anyRequest().authenticated())
 					.formLogin((formLogin) -> formLogin.loginPage(this.adminContextPath + "/login")
 							.successHandler(successHandler))
 					.logout((logout) -> logout.logoutUrl(this.adminContextPath + "/logout"))

diff --git a/...azelcast/src/main/java/de/codecentric/boot/admin/SpringBootAdminHazelcastApplication.java b/...azelcast/src/main/java/de/codecentric/boot/admin/SpringBootAdminHazelcastApplication.java
@@ -142,8 +142,8 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
 			http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-					.requestMatchers(this.adminServer.path("/assets/**")).permitAll()
-					.requestMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/assets/**"))).permitAll()
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/login"))).permitAll().anyRequest().authenticated())
 					.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
 							.successHandler(successHandler))
 					.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))

diff --git a/...ot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecuritySecureConfig.java b/...ot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecuritySecureConfig.java
@@ -56,11 +56,11 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
 		http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-				.requestMatchers(this.adminServer.path("/assets/**")).permitAll() // <1>
-				.requestMatchers(this.adminServer.path("/variables.css")).permitAll()
-				.requestMatchers(this.adminServer.path("/actuator/info")).permitAll()
-				.requestMatchers(this.adminServer.path("/actuator/health")).permitAll()
-				.requestMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated() // <2>
+				.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/assets/**"))).permitAll() // <1>
+				.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/variables.css"))).permitAll()
+				.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/actuator/info"))).permitAll()
+				.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/actuator/health"))).permitAll()
+				.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/login"))).permitAll().anyRequest().authenticated() // <2>
 		).formLogin(
 				(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() // <3>
 		).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults()) // <4>
@@ -80,8 +80,12 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 	// Required to provide UserDetailsService for "remember functionality"
 	@Bean
 	public InMemoryUserDetailsManager userDetailsService() {
-		UserDetails user = User.withDefaultPasswordEncoder().username(security.getUser().getName())
-				.password("{noop}" + security.getUser().getPassword()).roles("USER").build();
+		User.UserBuilder users = User.withDefaultPasswordEncoder();
+		UserDetails user = users
+			.username(security.getUser().getName())
+			.password(security.getUser().getPassword())
+			.roles("USER")
+			.build();
 		return new InMemoryUserDetailsManager(user);
 	}
 

diff --git a/...min-sample-war/src/main/java/de/codecentric/boot/admin/SpringBootAdminWarApplication.java b/...min-sample-war/src/main/java/de/codecentric/boot/admin/SpringBootAdminWarApplication.java
@@ -90,8 +90,8 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
 			http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-					.requestMatchers(this.adminServer.path("/assets/**")).permitAll()
-					.requestMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/assets/**"))).permitAll()
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/login"))).permitAll().anyRequest().authenticated())
 
 					.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
 							.successHandler(successHandler))

diff --git a/...ookeeper/src/main/java/de/codecentric/boot/admin/SpringBootAdminZookeeperApplication.java b/...ookeeper/src/main/java/de/codecentric/boot/admin/SpringBootAdminZookeeperApplication.java
@@ -86,8 +86,8 @@ protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
 
 			http.authorizeHttpRequests((authorizeRequests) -> authorizeRequests
-					.requestMatchers(this.adminServer.path("/assets/**")).permitAll()
-					.requestMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated())
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/assets/**"))).permitAll()
+					.requestMatchers(new AntPathRequestMatcher(this.adminServer.path("/login"))).permitAll().anyRequest().authenticated())
 					.formLogin((formLogin) -> formLogin.loginPage(this.adminServer.path("/login"))
 							.successHandler(successHandler))
 					.logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout")))