1 тиждень тому · be20201bf7
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java
@@ -35,7 +35,6 @@ import org.springframework.security.web.authentication.ui.DefaultLoginPageGenera
 
				 import org.springframework.security.web.authentication.ui.DefaultResourcesFilter;
			
 
				 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
			
 
				 import org.springframework.security.web.csrf.CsrfToken;
			
 
				-import org.springframework.security.web.util.matcher.AnyRequestMatcher;
			
 
				 import org.springframework.security.web.webauthn.api.PublicKeyCredentialRpEntity;
			
 
				 import org.springframework.security.web.webauthn.authentication.PublicKeyCredentialRequestOptionsFilter;
			
 
				 import org.springframework.security.web.webauthn.authentication.WebAuthnAuthenticationFilter;
			
@@ -159,8 +158,7 @@ public class WebAuthnConfigurer<H extends HttpSecurityBuilder<H>>
 
				 		ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class);
			
 
				 		if (exceptions != null) {
			
 
				 			AuthenticationEntryPoint entryPoint = new LoginUrlAuthenticationEntryPoint("/login");
			
 
				-			exceptions.defaultDeniedHandlerForMissingAuthority(
			
 
				-					(ep) -> ep.addEntryPointFor(entryPoint, AnyRequestMatcher.INSTANCE),
			
 
				+			exceptions.defaultDeniedHandlerForMissingAuthority((ep) -> ep.defaultEntryPoint(entryPoint),
			
 
				 					GrantedAuthorities.FACTOR_WEBAUTHN_AUTHORITY);
			
 
				 		}
			
 
				 	}
			
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
@@ -39,7 +39,6 @@ import org.springframework.security.web.authentication.preauth.x509.SubjectDnX50
 
				 import org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter;
			
 
				 import org.springframework.security.web.authentication.preauth.x509.X509PrincipalExtractor;
			
 
				 import org.springframework.security.web.context.RequestAttributeSecurityContextRepository;
			
 
				-import org.springframework.security.web.util.matcher.AnyRequestMatcher;
			
 
				 
			
 
				 /**
			
 
				  * Adds X509 based pre authentication to an application. Since validating the certificate
			
@@ -187,8 +186,7 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>>
 
				 		ExceptionHandlingConfigurer<H> exceptions = http.getConfigurer(ExceptionHandlingConfigurer.class);
			
 
				 		if (exceptions != null) {
			
 
				 			AuthenticationEntryPoint forbidden = new Http403ForbiddenEntryPoint();
			
 
				-			exceptions.defaultDeniedHandlerForMissingAuthority(
			
 
				-					(ep) -> ep.addEntryPointFor(forbidden, AnyRequestMatcher.INSTANCE),
			
 
				+			exceptions.defaultDeniedHandlerForMissingAuthority((ep) -> ep.defaultEntryPoint(forbidden),
			
 
				 					GrantedAuthorities.FACTOR_X509_AUTHORITY);
			
 
				 		}
			
 
				 	}