Update to Use New DelegateAuthenticationEntryPoint Constructor

jzheaux · jzheaux · commit 35a614b243e0 · 2025-09-16T15:13:52.000-06:00
diff --git a/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java b/web/src/main/java/org/springframework/security/web/access/DelegatingMissingAuthorityAccessDeniedHandler.java
@@ -17,6 +17,7 @@
 package org.springframework.security.web.access;
 
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -40,6 +41,7 @@
 import org.springframework.security.web.util.ThrowableAnalyzer;
 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
+import org.springframework.security.web.util.matcher.RequestMatcherEntry;
 
 public final class DelegatingMissingAuthorityAccessDeniedHandler implements AccessDeniedHandler {
 
@@ -114,7 +116,7 @@ public static Builder builder() {
 
 	public static final class Builder {
 
-		private final Map<String, Map<RequestMatcher, AuthenticationEntryPoint>> entryPointByRequestMatcherByAuthority = new LinkedHashMap<>();
+		private final Map<String, List<RequestMatcherEntry<AuthenticationEntryPoint>>> entryPointByRequestMatcherByAuthority = new LinkedHashMap<>();
 
 		private Builder() {
 
@@ -123,9 +125,9 @@ private Builder() {
 		Builder entryPointFor(RequestMatcher requestMatcher, AuthenticationEntryPoint entryPoint,
 				String... authorities) {
 			for (String authority : authorities) {
-				Map<RequestMatcher, AuthenticationEntryPoint> requestMatcherByAuthority = this.entryPointByRequestMatcherByAuthority
-					.computeIfAbsent(authority, (k) -> new LinkedHashMap<>());
-				requestMatcherByAuthority.put(requestMatcher, entryPoint);
+				List<RequestMatcherEntry<AuthenticationEntryPoint>> entryPointByRequestMatcher = this.entryPointByRequestMatcherByAuthority
+					.computeIfAbsent(authority, (k) -> new ArrayList<>());
+				entryPointByRequestMatcher.add(new RequestMatcherEntry<>(requestMatcher, entryPoint));
 			}
 			return this;
 		}
@@ -137,16 +139,15 @@ public EntryPoint authorities(String... authorities) {
 		public DelegatingMissingAuthorityAccessDeniedHandler build() {
 			Map<String, AuthenticationEntryPoint> entryPointByAuthority = new LinkedHashMap<>();
 			for (String authority : this.entryPointByRequestMatcherByAuthority.keySet()) {
-				Map<RequestMatcher, AuthenticationEntryPoint> entryPointByRequestMatcher = this.entryPointByRequestMatcherByAuthority
+				List<RequestMatcherEntry<AuthenticationEntryPoint>> entryPointByRequestMatcher = this.entryPointByRequestMatcherByAuthority
 					.get(authority);
-				AuthenticationEntryPoint defaultEntryPoint = entryPointByRequestMatcher.values().iterator().next();
+				AuthenticationEntryPoint defaultEntryPoint = entryPointByRequestMatcher.iterator().next().getEntry();
 				if (entryPointByRequestMatcher.size() == 1) {
 					entryPointByAuthority.put(authority, defaultEntryPoint);
 				}
 				else {
 					DelegatingAuthenticationEntryPoint entryPoint = new DelegatingAuthenticationEntryPoint(
-							new LinkedHashMap<>(entryPointByRequestMatcher));
-					entryPoint.setDefaultEntryPoint(defaultEntryPoint);
+							defaultEntryPoint, entryPointByRequestMatcher);
 					entryPointByAuthority.put(authority, entryPoint);
 				}
 			}
