Summary
A custom requiresAuthenticationMatcher specified in formLogin for WebFlux security is not used unless a custom authenticationEntryPoint is also set.
Example configuration:
    SecurityWebFilterChain securityWebFilter = this.http
        .authorizeExchange()
            .pathMatchers("/login", "/sign-in").permitAll()
            .anyExchange().authenticated()
            .and()
        .formLogin()
            .requiresAuthenticationMatcher(new PathPatternParserServerWebExchangeMatcher("/sign-in"))
            .and()
        .build();
Actual Behavior
Making a request to "/sign-in" does not perform authentication.
Making a POST to "/login" does perform authentication.
Expected Behavior
Making a request to "/sign-in" should perform authentication.
Making a POST to "/login" should not perform authentication.