Describe the bug

- I've upgraded a working Spring Boot 2 / Spring Security 5 project to a Spring Boot 3 / Spring Security 6 project using the H2 database
- No matter my security configuration, all requests to /h2-console are redirected to /login

To Reproduce

Here's my security config:

    @Bean
    public SecurityFilterChain formFilterChain(HttpSecurity http) throws Exception {

        http
            .csrf(csrf -> csrf.ignoringRequestMatchers("/h2-console/**"))
            .authorizeHttpRequests(auth -> auth
                    .requestMatchers("/h2-console/**").permitAll()
                    .anyRequest().authenticated()
            )
            .headers(headers -> headers.frameOptions().sameOrigin());
        return http.build();
    }

Expected behavior

- Should be able to navigate to /h2-console and use it as needed

Sample

https://github.com/wazooinc/spring-boot-3-login-registration-template

Comment From: marcusdacoregio

Hi @erikyuzwa, I think this is related to https://github.com/spring-projects/spring-security/issues/12310#issuecomment-1328990026

Can you confirm?

Comment From: erikyuzwa

whoa - that's pretty cool - THANK YOU @marcusdacoregio! - the first method didn't seem to work, but the PathRequest.toH2Console() sure did! - now working config (for anyone else beating their head against a wall)

    // requires: import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
    @Bean
    public SecurityFilterChain h2FilterChain(HttpSecurity http) throws Exception {

        http
                .csrf(csrf -> csrf.ignoringRequestMatchers(PathRequest.toH2Console()))
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers(PathRequest.toH2Console()).permitAll()
                        .anyRequest().authenticated()
                )
                .headers(headers -> headers.frameOptions().sameOrigin());

        return http.build();
    }
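
A tighter variant of the working configuration above, as an added example that is not from the issue thread or from the Spring projects: it confines the CSRF and frame-option relaxations to a separate filter chain that matches only the H2 console, so the application's own endpoints keep the defaults. The class name, bean names, the `dev` profile and the form-login setup of the second chain are assumptions.

```java
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class SecurityConfig { // hypothetical class name

    // Chain 1: only requests to the H2 console path reach this chain.
    // It is registered only under the assumed "dev" profile and only when
    // the console is enabled, because PathRequest.toH2Console() resolves
    // the console path from the H2 console properties.
    @Bean
    @Order(1)
    @Profile("dev")
    @ConditionalOnProperty(prefix = "spring.h2.console", name = "enabled", havingValue = "true")
    public SecurityFilterChain h2ConsoleFilterChain(HttpSecurity http) throws Exception {
        http
            .securityMatcher(PathRequest.toH2Console())
            .authorizeHttpRequests(auth -> auth.anyRequest().permitAll())
            // The console does not send a CSRF token with its form posts
            .csrf(csrf -> csrf.disable())
            // The console renders in frames; allow framing from the same origin only
            .headers(headers -> headers.frameOptions(frame -> frame.sameOrigin()));
        return http.build();
    }

    // Chain 2: everything else keeps CSRF protection and the default
    // X-Frame-Options: DENY header, and requires authentication.
    @Bean
    @Order(2)
    public SecurityFilterChain appFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            .formLogin(Customizer.withDefaults());
        return http.build();
    }
}
```

With the profile inactive or `spring.h2.console.enabled` unset, the first chain is never created and `/h2-console` falls through to the authenticated chain.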