Because MockMvc's mock servlet context does not return any servlet registrations, Spring Security will pick AntPathRequestMatcher when requestMatchers(String) is used, even though an MvcRequestMatcher is likely the intended request matcher.
Comment From: jzheaux
There haven't been any reports yet of this causing an issue. I'm going to close this for now since seeing any behavioral problems will better inform the kind of change that should be made.
Comment From: jzheaux
Given https://github.com/spring-projects/spring-security/issues/14418, I'm reopening this issue.