2 年之前 · ace8caa182
--- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
@@ -67,9 +67,9 @@ SecurityFilterChain web(HttpSecurity http) throws Exception {
 
				 	http
			
 
				 		// ...
			
 
				 		.authorizeHttpRequests(authorize -> authorize                                  // <1>
			
 
				-			.mvcMatchers("/resources/**", "/signup", "/about").permitAll()         // <2>
			
 
				-			.mvcMatchers("/admin/**").hasRole("ADMIN")                             // <3>
			
 
				-			.mvcMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')"))   // <4>
			
 
				+			.requestMatchers("/resources/**", "/signup", "/about").permitAll()         // <2>
			
 
				+			.requestMatchers("/admin/**").hasRole("ADMIN")                             // <3>
			
 
				+			.requestMatchers("/db/**").access(new WebExpressionAuthorizationManager("hasRole('ADMIN') and hasRole('DBA')"))   // <4>
			
 
				 			.anyRequest().denyAll()                                                // <5>
			
 
				 		);
			
 
				 
			
@@ -142,7 +142,7 @@ Here is an example of mapping a custom authorization manager to the `my/authoriz
 
				 SecurityFilterChain web(HttpSecurity http) throws Exception {
			
 
				     http
			
 
				         .authorizeHttpRequests((authorize) -> authorize
			
 
				-            .mvcMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager());
			
 
				+            .requestMatchers("/my/authorized/endpoint").access(new CustomAuthorizationManager());
			
 
				         )
			
 
				         // ...
			
 
				 
			
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc
@@ -188,7 +188,7 @@ public class MyCustomSecurityConfiguration {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorize -> authorize
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .oauth2ResourceServer(oauth2 -> oauth2
			
@@ -737,8 +737,8 @@ public class DirectlyConfiguredJwkSetUri {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorize -> authorize
			
 
				-                .mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
			
 
				+                .requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
			
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
@@ -231,7 +231,7 @@ public class MyCustomSecurityConfiguration {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorize -> authorize
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("SCOPE_message:read")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("SCOPE_message:read")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .oauth2ResourceServer(oauth2 -> oauth2
			
@@ -513,8 +513,8 @@ public class MappedAuthorities {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorizeRequests -> authorizeRequests
			
 
				-                .mvcMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("SCOPE_messages")
			
 
				+                .requestMatchers("/contacts/**").hasAuthority("SCOPE_contacts")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("SCOPE_messages")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken);
			
--- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
@@ -329,7 +329,7 @@ public class MyCustomSecurityConfiguration {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorize -> authorize
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .saml2Login(withDefaults());
			
@@ -481,7 +481,7 @@ public class MyCustomSecurityConfiguration {
 
				     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
			
 
				         http
			
 
				             .authorizeHttpRequests(authorize -> authorize
			
 
				-                .mvcMatchers("/messages/**").hasAuthority("ROLE_USER")
			
 
				+                .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
			
 
				                 .anyRequest().authenticated()
			
 
				             )
			
 
				             .saml2Login(saml2 -> saml2