For compliance reasons, we do need a kind of "web security configuration report" for all of our spring-boot applications. This report should print the http authorization rules (list of path matching rules with corresponding auth-configs).

We made a simple implementation which retrieves the spring security filter chain, finds the FilterSecurityInterceptor Filter and prints the containing requestMap (which maps RequestMatcher to Collection<ConfigAttribute).

While most spring-security RequestMatcher implementations (for example AntPathRequestMatcher, MvcRequestMatcher...) provides a explicit toString() method, the class EndpointRequest.EndpointRequestMatcher does not.

It would help us, if the EndpointRequestMatcher would provide a toString() method similar to spring-security requestmatchers.

Comment From: wilkinsona

Closing in favour of #33654.

Comment From: wilkinsona

33654 has been closed. Re-opening.

Comment From: mhalbritter

Closing in favor of #33690.