From 558b7e0b4710fa3be3dfb28321d0548f378513e9 Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Wed, 2 Jul 2025 13:23:15 -0600 Subject: [PATCH] Use PathPatternRequestMatcher in cas Issue gh-16887 --- .../security/cas/web/CasAuthenticationFilter.java | 8 ++++---- .../security/cas/web/CasAuthenticationFilterTests.java | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java index 0038f6de43..be8d828504 100644 --- a/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java +++ b/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java @@ -51,12 +51,12 @@ import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.security.web.savedrequest.SavedRequest; -import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; import org.springframework.util.StringUtils; +import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern; + /** * Processes a CAS service ticket, obtains proxy granting tickets, and processes proxy * tickets. @@ -216,7 +216,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil public CasAuthenticationFilter() { super("/login/cas"); - RequestMatcher processUri = PathPatternRequestMatcher.withDefaults().matcher("/login/cas"); + RequestMatcher processUri = pathPattern("/login/cas"); setRequiresAuthenticationRequestMatcher(processUri); setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler()); setSecurityContextRepository(this.securityContextRepository); @@ -335,7 +335,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil } public final void setProxyReceptorUrl(final String proxyReceptorUrl) { - this.proxyReceptorMatcher = new AntPathRequestMatcher("/**" + proxyReceptorUrl); + this.proxyReceptorMatcher = pathPattern(proxyReceptorUrl); } public final void setProxyGrantingTicketStorage(final ProxyGrantingTicketStorage proxyGrantingTicketStorage) { diff --git a/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java b/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java index 423c99cfe5..daa1d23cbd 100644 --- a/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java +++ b/cas/src/test/java/org/springframework/security/cas/web/CasAuthenticationFilterTests.java @@ -43,7 +43,6 @@ import org.springframework.security.core.context.SecurityContextImpl; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; -import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher; import org.springframework.test.util.ReflectionTestUtils; import static org.assertj.core.api.Assertions.assertThat; @@ -57,6 +56,7 @@ import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; import static org.springframework.security.web.servlet.TestMockHttpServletRequests.get; import static org.springframework.security.web.servlet.TestMockHttpServletRequests.post; +import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern; /** * Tests {@link CasAuthenticationFilter}. @@ -266,7 +266,7 @@ public class CasAuthenticationFilterTests { MockHttpServletRequest request = get("/pgtCallback").build(); MockHttpServletResponse response = new MockHttpServletResponse(); assertThat(filter.requiresAuthentication(request, response)).isFalse(); - filter.setProxyReceptorMatcher(PathPatternRequestMatcher.withDefaults().matcher(request.getServletPath())); + filter.setProxyReceptorMatcher(pathPattern(request.getServletPath())); assertThat(filter.requiresAuthentication(request, response)).isFalse(); filter.setProxyGrantingTicketStorage(mock(ProxyGrantingTicketStorage.class)); assertThat(filter.requiresAuthentication(request, response)).isTrue();