2 年之前 · 01d1e20dc3
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java
@@ -194,7 +194,25 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
 
				 		 * @return the {@link AuthorizationManagerRequestMatcherRegistry} for further
			
 
				 		 * customizations
			
 
				 		 * @since 5.7
			
 
				+		 * @deprecated Permit access to the {@link jakarta.servlet.DispatcherType}
			
 
				+		 * instead. <pre>
			
 
				+		 * &#064;Configuration
			
 
				+		 * &#064;EnableWebSecurity
			
 
				+		 * public class SecurityConfig {
			
 
				+		 *
			
 
				+		 * 	&#064;Bean
			
 
				+		 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
			
 
				+		 * 		http
			
 
				+		 * 		 	.authorizeHttpRequests((authorize) -&gt; authorize
			
 
				+		 * 				.dispatcherTypeMatchers(DispatcherType.ERROR).permitAll()
			
 
				+		 * 			 	// ...
			
 
				+		 * 		 	);
			
 
				+		 * 		return http.build();
			
 
				+		 * 	}
			
 
				+		 * }
			
 
				+		 * </pre>
			
 
				 		 */
			
 
				+		@Deprecated(since = "6.1", forRemoval = true)
			
 
				 		public AuthorizationManagerRequestMatcherRegistry shouldFilterAllDispatcherTypes(boolean shouldFilter) {
			
 
				 			this.shouldFilterAllDispatcherTypes = shouldFilter;
			
 
				 			return this;
			
--- a/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java
+++ b/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2022 the original author or authors.
			
 
				+ * Copyright 2002-2023 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -170,7 +170,25 @@ public class AuthorizationFilter extends GenericFilterBean {
 
				 	 * @param shouldFilterAllDispatcherTypes should filter all dispatcher types. Default
			
 
				 	 * is {@code true}
			
 
				 	 * @since 5.7
			
 
				+	 * @deprecated Permit access to the {@link jakarta.servlet.DispatcherType} instead.
			
 
				+	 * <pre>
			
 
				+	 * &#064;Configuration
			
 
				+	 * &#064;EnableWebSecurity
			
 
				+	 * public class SecurityConfig {
			
 
				+	 *
			
 
				+	 * 	&#064;Bean
			
 
				+	 * 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
			
 
				+	 * 		http
			
 
				+	 * 		 	.authorizeHttpRequests((authorize) -&gt; authorize
			
 
				+	 * 				.dispatcherTypeMatchers(DispatcherType.ERROR).permitAll()
			
 
				+	 * 			 	// ...
			
 
				+	 * 		 	);
			
 
				+	 * 		return http.build();
			
 
				+	 * 	}
			
 
				+	 * }
			
 
				+	 * </pre>
			
 
				 	 */
			
 
				+	@Deprecated(since = "6.1", forRemoval = true)
			
 
				 	public void setShouldFilterAllDispatcherTypes(boolean shouldFilterAllDispatcherTypes) {
			
 
				 		this.observeOncePerRequest = !shouldFilterAllDispatcherTypes;
			
 
				 		this.filterErrorDispatch = shouldFilterAllDispatcherTypes;