spring-security-config/org.springframework.security.config.annotation.web/HttpSecurityDsl/securityMatcher

securityMatcher

fun securityMatcher(vararg pattern: String)

Allows configuring the HttpSecurity to only be invoked when matching the provided pattern. If Spring MVC is on the classpath, it will use an MVC matcher. If Spring MVC is not an the classpath, it will use an ant matcher.

Example:

@Configuration
@EnableWebSecurity
class SecurityConfig {

    @Bean
    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
        http {
            securityMatcher("/private/**")
            formLogin {
                loginPage = "/log-in"
            }
        }
        return http.build()
    }
}
Content copied to clipboard

Parameters

pattern

one or more patterns used to determine whether this configuration should be invoked.

fun securityMatcher(vararg requestMatcher: RequestMatcher)

Allows configuring the HttpSecurity to only be invoked when matching the provided RequestMatcher.

Example:

@Configuration
@EnableWebSecurity
class SecurityConfig {

    @Bean
    fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
        http {
            securityMatcher(pathPattern("/private/**"))
            formLogin {
                loginPage = "/log-in"
            }
        }
        return http.build()
    }
}
Content copied to clipboard

Parameters

requestMatcher

one or more RequestMatcher used to determine whether this configuration should be invoked.

Generated by Dokka
© 2026 Copyright