mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-05 00:56:58 +08:00
Merge pull request #24604 from izeye
* pr/24604: Polish Closes gh-24604
This commit is contained in:
commit
ccdf5a9386
@ -2439,10 +2439,10 @@ To configure Spring Security to require a secure channel for all (or some) reque
|
||||
[source,java,indent=0,subs="verbatim,quotes,attributes"]
|
||||
----
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// Customize the application security
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// Customize the application security
|
||||
http.requiresChannel().anyRequest().requiresSecure();
|
||||
return http.build();
|
||||
return http.build();
|
||||
}
|
||||
----
|
||||
|
||||
|
@ -359,12 +359,12 @@ A typical Spring Security configuration might look something like the following
|
||||
|
||||
[source,java,indent=0]
|
||||
----
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
|
||||
http.httpBasic();
|
||||
return http.build();
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
|
||||
http.httpBasic();
|
||||
return http.build();
|
||||
}
|
||||
----
|
||||
|
||||
@ -388,12 +388,12 @@ Additionally, if Spring Security is present, you would need to add custom securi
|
||||
|
||||
[source,java,indent=0]
|
||||
----
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
|
||||
requests.anyRequest().permitAll());
|
||||
return http.build();
|
||||
}
|
||||
return http.build();
|
||||
}
|
||||
----
|
||||
|
||||
NOTE: In both the examples above, the configuration applies only to the actuator endpoints.
|
||||
|
@ -360,7 +360,7 @@ class ProfilesTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
void simpleRecursiveReferenceInProfileGroupThrowsException() {
|
||||
void simpleRecursiveReferenceInProfileGroupIgnoresDuplicates() {
|
||||
MockEnvironment environment = new MockEnvironment();
|
||||
environment.setProperty("spring.profiles.active", "a,b,c");
|
||||
environment.setProperty("spring.profiles.group.a", "a,e,f");
|
||||
|
@ -66,9 +66,9 @@ class CorsSampleActuatorApplicationTests {
|
||||
|
||||
@Test
|
||||
void preflightRequestToEndpointShouldReturnOk() throws Exception {
|
||||
RequestEntity<?> healthRequest = RequestEntity.options(new URI("/actuator/env"))
|
||||
RequestEntity<?> envRequest = RequestEntity.options(new URI("/actuator/env"))
|
||||
.header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build();
|
||||
ResponseEntity<?> exchange = this.testRestTemplate.exchange(healthRequest, Map.class);
|
||||
ResponseEntity<?> exchange = this.testRestTemplate.exchange(envRequest, Map.class);
|
||||
assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
|
@ -66,9 +66,9 @@ class CorsSampleActuatorApplicationTests {
|
||||
|
||||
@Test
|
||||
void preflightRequestToEndpointShouldReturnOk() throws Exception {
|
||||
RequestEntity<?> healthRequest = RequestEntity.options(new URI("/actuator/env"))
|
||||
RequestEntity<?> envRequest = RequestEntity.options(new URI("/actuator/env"))
|
||||
.header("Origin", "http://localhost:8080").header("Access-Control-Request-Method", "GET").build();
|
||||
ResponseEntity<?> exchange = this.testRestTemplate.exchange(healthRequest, Map.class);
|
||||
ResponseEntity<?> exchange = this.testRestTemplate.exchange(envRequest, Map.class);
|
||||
assertThat(exchange.getStatusCode()).isEqualTo(HttpStatus.OK);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user