From 66123adc40f4ba71fa06045278f559e67fed07a4 Mon Sep 17 00:00:00 2001
From: chasegawa <chasegawa@unicon.net>
Date: Tue, 7 Jan 2025 11:52:33 -0700
Subject: [PATCH] SHIBUI-2646: fixes for trailing slashes for non-PAC4J config

---
 .../admin/ui/configuration/SpringSecurityConfig.java       | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
index c5933f880..2f6a82a82 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/SpringSecurityConfig.java
@@ -112,7 +112,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
             .authorizeHttpRequests()
             .requestMatchers(new AntPathRequestMatcher("/unsecured/**/*"),
                              new AntPathRequestMatcher("/entities*"),
-                             new AntPathRequestMatcher("/entities/**/*"),
+                             new AntPathRequestMatcher("/entities/*"),
+                             new AntPathRequestMatcher("/entities/**"),
                              new AntPathRequestMatcher("/actuator/**"),
                              new AntPathRequestMatcher("/api/beacon/send")).permitAll()
             .anyRequest().hasAnyRole(acceptedAuthenticationRoles)
@@ -158,7 +159,9 @@ public InMemoryUserDetailsManager userDetailsManager() {
     @Profile("!no-auth")
     public WebSecurityCustomizer webSecurityCustomizer() {
         return (web) -> web.ignoring().requestMatchers(new AntPathRequestMatcher("/unsecured/**/*"),
-                        new AntPathRequestMatcher("/entities/**/*"),
+                        new AntPathRequestMatcher("/entities*"),
+                        new AntPathRequestMatcher("/entities/*"),
+                        new AntPathRequestMatcher("/entities/**"),
                         new AntPathRequestMatcher("/favicon.ico"),
                         new AntPathRequestMatcher("/assets/**/*.png"),
                         new AntPathRequestMatcher("/static/**/*"),