Skip to content

requestMatchers("").not() API is not present in Spring Security 6 #14058

New issue
New issue
Closed
#14236
Closed
requestMatchers("").not() API is not present in Spring Security 6#14058
#14236
Assignees
jzheaux
Labels
in: configAn issue in spring-security-configtype: enhancementA general enhancement
@muralikrishna8

Description

@muralikrishna8
muralikrishna8
opened on Oct 28, 2023

Describe the bug
In Spring Security 5 request matchers there is a possibility to invert the .hasRole with the .not method. But it seems there is no way of doing this in Spring Security 6

To Reproduce
I'm trying to migrate the below config to Spring Security 6

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

    http.authorizeRequests().requestMatchers("/test").not().hasRole("SPECIAL_ROLE").anyRequest().authenticated();

    return http.build();
}

Expected behavior
There should be some API so that I can have a matcher that will allow the user if they don't have that SPECIAL_ROLE

Sample Code
https://github.com/muralikrishna8/spring-security-issue

Metadata

Metadata

Assignees

Labels

in: configAn issue in spring-security-configtype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions