chore: explictly use ant path matchers in VaadinWebSecurity

[mcollovati]

Spring security configurers accepting strings matcher may fail to detect if the parameter is a Spring MVC pattern or not. This change update VaadinWebSecurity to explictly use ant path request matchers.

[sonatype-lift]

Sonatype Lift is retiring

Sonatype Lift will be retiring on Sep 12, 2023, with its analysis stopping on Aug 12, 2023. We understand that this news may come as a disappointment, and Sonatype is committed to helping you transition off it seamlessly. If you’d like to retain your data, please export your issues from the web console.
We are extremely grateful and thank you for your support over the years.

📖 Read about the impacts and timeline

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
4 Code Smells

No Coverage information
0.0% Duplication

[github-actions]

Test Results

1 000 files  ±0  1 000 suites  ±0   1h 1m 59s ⏱️ -28s
6 364 tests ±0  6 323 ✔️ ±0  41 💤 ±0  0 ❌ ±0 
6 619 runs  +8  6 571 ✔️ +8  48 💤 ±0  0 ❌ ±0 

Results for commit 51b42bf. ± Comparison against base commit 43cfbbb.

[mcollovati]

Fixes #17271