You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HttpSecurity.authorizeRequests().requestMatchers(EndpointRequest.to(...)) works fine with org.springframework.security.config.annotation.web.builders.HttpSecurity and org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest.
However, ServerHttpSecurity.authorizeExchange().pathMatchers(EndpointRequest.to(...)) doesn't work with org.springframework.security.config.web.server.ServerHttpSecurity and org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest.
The text was updated successfully, but these errors were encountered:
AFAIK, this isn't a bug. org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest will give you a EndpointServerWebExchangeMatcher that is intended for use with ServerHttpSecurity.authorizeExchange().matchers().
The problem is caused because there is a org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest; and a org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest which have different arguments.
This type of daft issue might be avoid if people included the import list in their example programs
Originally Reported via spring-projects/spring-security#5002
HttpSecurity.authorizeRequests().requestMatchers(EndpointRequest.to(...))
works fine withorg.springframework.security.config.annotation.web.builders.HttpSecurity
andorg.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest
.However,
ServerHttpSecurity.authorizeExchange().pathMatchers(EndpointRequest.to(...))
doesn't work withorg.springframework.security.config.web.server.ServerHttpSecurity
andorg.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest
.The text was updated successfully, but these errors were encountered: