diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java index 88ac8eb547d..be57fc34507 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java @@ -344,7 +344,7 @@ public StandardInterceptUrlRegistry hasAnyAuthority(String... authorities) { * @return the {@link UrlAuthorizationConfigurer} for further customization */ public StandardInterceptUrlRegistry anonymous() { - return hasRole("ROLE_ANONYMOUS"); + return hasRole("ANONYMOUS"); } /** diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java index 2a598af47af..4e64462369e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurerTests.java @@ -41,6 +41,7 @@ /** * @author Rob Winch + * @author M.S. Dousti * */ public class UrlAuthorizationConfigurerTests { @@ -203,6 +204,24 @@ public String path() { } } + @Test + public void anonymousUrlAuthorization() { + loadConfig(AnonymousUrlAuthorizationConfig.class); + } + + @EnableWebSecurity + @Configuration + static class AnonymousUrlAuthorizationConfig extends WebSecurityConfigurerAdapter { + @Override + public void configure(HttpSecurity http) throws Exception { + // @formatter:off + http + .apply(new UrlAuthorizationConfigurer<>(null)).getRegistry() + .anyRequest().anonymous(); + // @formatter:on + } + } + public void loadConfig(Class... configs) { this.context = new AnnotationConfigWebApplicationContext(); this.context.register(configs);