diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java b/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java index 1c8c53e7ce2..0cf3cb7e045 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java @@ -315,7 +315,7 @@ private boolean isDispatcherServlet(ServletRegistration registration) { } } - private String computeErrorMessage(Collection registrations) { + private static String computeErrorMessage(Collection registrations) { String template = "This method cannot decide whether these patterns are Spring MVC patterns or not. " + "If this endpoint is a Spring MVC endpoint, please use requestMatchers(MvcRequestMatcher); " + "otherwise, please use requestMatchers(AntPathRequestMatcher).\n\n" @@ -509,7 +509,7 @@ static class DispatcherServletRequestMatcher implements RequestMatcher { public boolean matches(HttpServletRequest request) { String name = request.getHttpServletMapping().getServletName(); ServletRegistration registration = this.servletContext.getServletRegistration(name); - Assert.notNull(name, "Failed to find servlet [" + name + "] in the servlet context"); + Assert.notNull(registration, computeErrorMessage(this.servletContext.getServletRegistrations().values())); try { Class clazz = Class.forName(registration.getClassName()); return DispatcherServlet.class.isAssignableFrom(clazz); @@ -551,18 +551,12 @@ RequestMatcher requestMatcher(HttpServletRequest request) { @Override public boolean matches(HttpServletRequest request) { - if (this.dispatcherServlet.matches(request)) { - return this.mvc.matches(request); - } - return this.ant.matches(request); + return requestMatcher(request).matches(request); } @Override public MatchResult matcher(HttpServletRequest request) { - if (this.dispatcherServlet.matches(request)) { - return this.mvc.matcher(request); - } - return this.ant.matcher(request); + return requestMatcher(request).matcher(request); } @Override diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java index 654ffaee7c2..411f92f9cba 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistryTests.java @@ -341,6 +341,19 @@ public void matchesWhenDispatcherServletThenMvc() { verifyNoMoreInteractions(mvc); } + @Test + public void matchesWhenNoMappingThenException() { + MockServletContext servletContext = new MockServletContext(); + servletContext.addServlet("default", DispatcherServlet.class).addMapping("/"); + servletContext.addServlet("path", Servlet.class).addMapping("/services/*"); + MvcRequestMatcher mvc = mock(MvcRequestMatcher.class); + AntPathRequestMatcher ant = mock(AntPathRequestMatcher.class); + DispatcherServletDelegatingRequestMatcher requestMatcher = new DispatcherServletDelegatingRequestMatcher(ant, + mvc, servletContext); + MockHttpServletRequest request = new MockHttpServletRequest("GET", "/services/endpoint"); + assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> requestMatcher.matcher(request)); + } + private void mockMvcIntrospector(boolean isPresent) { ApplicationContext context = this.matcherRegistry.getApplicationContext(); given(context.containsBean("mvcHandlerMappingIntrospector")).willReturn(isPresent);