Package org.springframework.security.config.annotation.web.configurers

Class UrlAuthorizationConfigurer.AuthorizedUrl

java.lang.Object

org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl

Direct Known Subclasses:

UrlAuthorizationConfigurer.MvcMatchersAuthorizedUrl

Enclosing class:

UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>

public class UrlAuthorizationConfigurer.AuthorizedUrl
extends java.lang.Object

Maps the specified RequestMatcher instances to ConfigAttribute instances.

Since:

3.2

Method Summary

Modifier and Type	Method	Description
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	access(java.lang.String... attributes)	Specifies that the user must have the specified ConfigAttribute's
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	anonymous()	Specifies that an anonymous user is allowed access
protected java.util.List<? extends org.springframework.security.web.util.matcher.RequestMatcher>	getMatchers()
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	hasAnyAuthority(java.lang.String... authorities)	Specifies that a user requires one of many authorities
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	hasAnyRole(java.lang.String... roles)	Specifies that a user requires one of many roles.
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	hasAuthority(java.lang.String authority)	Specifies a user requires an authority.
UrlAuthorizationConfigurer.StandardInterceptUrlRegistry	hasRole(java.lang.String role)	Specifies a user requires a role.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

hasRole

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry hasRole(java.lang.String role)

Specifies a user requires a role.

Parameters:

role - the role that should be required which is prepended with ROLE_ automatically (i.e. USER, ADMIN, etc). It should not start with ROLE_ the UrlAuthorizationConfigurer for further customization

hasAnyRole

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry hasAnyRole(java.lang.String... roles)

Specifies that a user requires one of many roles.

Parameters:

roles - the roles that the user should have at least one of (i.e. ADMIN, USER, etc). Each role should not start with ROLE_ since it is automatically prepended already.

Returns:

the UrlAuthorizationConfigurer for further customization

hasAuthority

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry hasAuthority(java.lang.String authority)

Specifies a user requires an authority.

Parameters:

authority - the authority that should be required

Returns:

the UrlAuthorizationConfigurer for further customization

hasAnyAuthority

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry hasAnyAuthority(java.lang.String... authorities)

Specifies that a user requires one of many authorities

Parameters:

authorities - the authorities that the user should have at least one of (i.e. ROLE_USER, ROLE_ADMIN, etc).

Returns:

the UrlAuthorizationConfigurer for further customization

anonymous

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry anonymous()

Specifies that an anonymous user is allowed access

Returns:

the UrlAuthorizationConfigurer for further customization

access

public UrlAuthorizationConfigurer.StandardInterceptUrlRegistry access(java.lang.String... attributes)

Specifies that the user must have the specified ConfigAttribute's

Parameters:

attributes - the ConfigAttribute's that restrict access to a URL

Returns:

the UrlAuthorizationConfigurer for further customization

getMatchers

protected java.util.List<? extends org.springframework.security.web.util.matcher.RequestMatcher> getMatchers()