Describe the bug
In the provided documentation, there is a code snippet that suggests using DispatcherType within the authorizeHttpRequests block as follows:
authorizeHttpRequests {
authorize(DispatcherType.FORWARD, permitAll)
authorize(anyRequest, authenticated)
}
However, it appears that there is no method available that accepts DispatcherType as an argument within the authorize method. As a result, users might encounter confusion when trying to implement authorization based on DispatcherType.
To Reproduce
Expected behavior
It seems like there might be potential for modifying the document as follows
authorizeHttpRequests {
authorize(DispatcherTypeRequestMatcher(DispatcherType.FORWARD), permitAll)
authorize(anyRequest, authenticated)
}
or considering an approach to overload the method that accepts the DispatchType in the “authorize” function.
Comment From: marcusdacoregio
Closing in favor of https://github.com/spring-projects/spring-security/pull/13729