@Override public void init(WebSecurity builder) throws Exception { if (this.server != null) { IgnoredRequestConfigurer ignoring = builder.ignoring(); // The ignores are not cumulative, so to prevent overwriting the defaults // we add them back. Set<String> ignored = new LinkedHashSet<String>(SpringBootWebSecurityConfiguration.getIgnored(this.security)); if (ignored.contains("none")) { ignored.remove("none"); } if (this.errorController != null) { ignored.add(normalizePath(this.errorController.getErrorPath())); } String[] paths = this.server.getPathsArray(ignored); RequestMatcher requestMatcher = this.management.getSecurity().isEnabled() ? null : LazyEndpointPathRequestMatcher.getRequestMatcher(this.contextResolver); if (!ObjectUtils.isEmpty(paths)) { List<RequestMatcher> matchers = new ArrayList<RequestMatcher>(); for (String pattern : paths) { matchers.add(new AntPathRequestMatcher(pattern, null)); } if (requestMatcher != null) { matchers.add(requestMatcher); } requestMatcher = new OrRequestMatcher(matchers); } if (requestMatcher != null) { ignoring.requestMatchers(requestMatcher); } } }
@Override public void init(WebSecurity builder) throws Exception { IgnoredRequestConfigurer ignoring = builder.ignoring(); List<String> ignored = getIgnored(this.security); if (this.errorController != null) { ignored.add(normalizePath(this.errorController.getErrorPath())); } String[] paths = this.server.getPathsArray(ignored); ignoring.antMatchers(paths); }