Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve RequestMatcher Validation #13551

Closed
jzheaux opened this issue Jul 17, 2023 · 5 comments
Closed

Improve RequestMatcher Validation #13551

jzheaux opened this issue Jul 17, 2023 · 5 comments
Assignees
@jzheaux
Labels
in: config An issue in spring-security-config type: enhancement A general enhancement
Milestone
5.8.5

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jul 17, 2023
edited
Loading

No description provided.

@jzheaux jzheaux added in: config An issue in spring-security-config type: enhancement A general enhancement labels Jul 17, 2023
@jzheaux jzheaux added this to the 6.0.5 milestone Jul 17, 2023
@jzheaux jzheaux self-assigned this Jul 17, 2023
@jzheaux jzheaux modified the milestones: 6.0.5, 5.8.5 Jul 17, 2023
jzheaux added a commit that referenced this issue Jul 17, 2023
@jzheaux
Add DispatcherServlet to Tests
bb46a54 
Issue gh-13551
This was referenced Jul 17, 2023
Closed
Closed
@albertus82
Copy link

Hi, just updated from 5.8.4 to 5.8.5 and encountered java.lang.IllegalArgumentException: This method cannot decide whether these patterns are Spring MVC patterns or not. at application startup. I'm surprised because this is only a patch update.

@kzander91
Copy link

For me, this happens when running locally with spring-boot-devtools, which automatically enables the H2 console. At runtime, this causes two servlets to be registered which for some reason confuses Spring Security.
I don't need the H2 console, so spring.h2.console.enabled=false is my workaround for now.

@bartolom
Copy link
Contributor

We have a non-Spring-Boot, "traditional" Spring Framework 5.3.29 MVC application which is deployed into a Tomcat 9

The upgrade from 5.8.4 to 5.8.5 also produces java.lang.IllegalArgumentException: This method cannot decide whether these patterns are Spring MVC patterns or not. at application startup.

We follow pretty much the "A 100% code-based approach to configuration" pattern as described here https://docs.spring.io/spring-framework/docs/5.3.x/javadoc-api/org/springframework/web/WebApplicationInitializer.html

But a stand alone Tomcat in its default configuration creates two more Servlets named "default" and "jsp"

https://tomcat.apache.org/tomcat-9.0-doc/default-servlet.html

Therefore registrations.size() is 3 in our case.

We want to avoid that our operations team has to alter the default Tomcat web.xml each time they upgrade Tomcat.

Do we need to migrate to the mentioned requestMatchers(MvcRequestMatcher) ?

@albertus82
Copy link

@bartolom I think you should open a new issue. This one is closed and I'm noticing it's not getting any attention.

@dreis2211 dreis2211 mentioned this issue Jul 20, 2023
Open
6 tasks
@dreis2211
Copy link
Contributor

I've just did that: #13568

@mcollovati mcollovati mentioned this issue Jul 21, 2023
Closed
@codingtim codingtim mentioned this issue Aug 3, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: config An issue in spring-security-config type: enhancement A general enhancement
Projects
None yet
Milestone
5.8.5
Development

No branches or pull requests
5 participants
@jzheaux @dreis2211 @bartolom @albertus82 @kzander91