From bbdbdbfeb16fa730cd1674420e8ef94d1a92bdc3 Mon Sep 17 00:00:00 2001 From: Preeti Toppo Date: Mon, 6 Apr 2026 15:40:37 +0530 Subject: [PATCH] Fix Kotlin docs to use valid authorize signatures The Real World Example used authorize(allowedPaths, permitAll) where allowedPaths is an Array, but this overload does not exist in AuthorizeHttpRequestsDsl. Replace with individual authorize(pattern, access) calls per path. Also remove unused viewBalancePaths variable. Closes gh-17174 Signed-off-by: Preeti Toppo --- .../ROOT/pages/servlet/configuration/kotlin.adoc | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc b/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc index 011f0140214..7f611dd615d 100644 --- a/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc +++ b/docs/modules/ROOT/pages/servlet/configuration/kotlin.adoc @@ -301,11 +301,10 @@ class BankingSecurityConfig { @Order(2) <3> open fun bankingSecurityFilterChain(http: HttpSecurity): SecurityFilterChain { val bankingPaths = arrayOf("/accounts/**", "/loans/**", "/credit-cards/**", "/balances/**") - val viewBalancePaths = arrayOf("/balances/**") http { securityMatcher(*bankingPaths) authorizeHttpRequests { - authorize(viewBalancePaths, hasRole("VIEW_BALANCE")) + authorize("/balances/**", hasRole("VIEW_BALANCE")) authorize(anyRequest, hasRole("USER")) } } @@ -314,10 +313,14 @@ class BankingSecurityConfig { @Bean <4> open fun defaultSecurityFilterChain(http: HttpSecurity): SecurityFilterChain { - val allowedPaths = arrayOf("/", "/user-login", "/user-logout", "/notices", "/contact", "/register") http { authorizeHttpRequests { - authorize(allowedPaths, permitAll) + authorize("/", permitAll) + authorize("/user-login", permitAll) + authorize("/user-logout", permitAll) + authorize("/notices", permitAll) + authorize("/contact", permitAll) + authorize("/register", permitAll) authorize(anyRequest, authenticated) } formLogin {