A published PathPatternRequestMatcher.Builder bean is intended to align
application endpoint matchers, which commonly are from the same servlet.
This commit ensures that this bean is used by securityMatcher(s),
authorizeHttpRequests, and WebSecurity#ignoring, which target
application endpoints typically served by servlets.
This commit also adds tests ensuring that the bean is not applied to filter-chain
security endpoints such as those configured by formLogin, logout,
oneTimeTokenLogin, OAuth 2.0 Login, and SAML 2.0 Login, since
these endpoints are, by default, handled by filters independent from
any target servlet and servlet path.
Closes gh-19128
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Josh Cummings
cfdadfea01