Package org.springframework.security.config.annotation.web.configurers

Class AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry

java.lang.Object

org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry<AuthorizeHttpRequestsConfigurer<H>.AuthorizedUrl>

org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry

Enclosing class:

AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>

public final class AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
extends AbstractRequestMatcherRegistry<AuthorizeHttpRequestsConfigurer<H>.AuthorizedUrl>

Registry for mapping a RequestMatcher to an AuthorizationManager.

Method Summary

Modifier and Type	Method	Description
H	and()	Deprecated, for removal: This API element is subject to removal in a future version. For removal in 7.0.
protected AuthorizeHttpRequestsConfigurer<H>.AuthorizedUrl	chainRequestMatchers(List<org.springframework.security.web.util.matcher.RequestMatcher> requestMatchers)	Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.
AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry	shouldFilterAllDispatcherTypes(boolean shouldFilter)	Deprecated, for removal: This API element is subject to removal in a future version. Permit access to the DispatcherType instead.
AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry	withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)	Deprecated, for removal: This API element is subject to removal in a future version.
AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry	withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)	Adds an ObjectPostProcessor for this class.

Methods inherited from class org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry

anyRequest, createMvcMatchers, dispatcherTypeMatchers, dispatcherTypeMatchers, getApplicationContext, requestMatchers, requestMatchers, requestMatchers, requestMatchers, setApplicationContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

chainRequestMatchers

protected AuthorizeHttpRequestsConfigurer<H>.AuthorizedUrl chainRequestMatchers(List<org.springframework.security.web.util.matcher.RequestMatcher> requestMatchers)

Description copied from class: AbstractRequestMatcherRegistry

Subclasses should implement this method for returning the object that is chained to the creation of the RequestMatcher instances.

Specified by:

chainRequestMatchers in class AbstractRequestMatcherRegistry<AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>.AuthorizedUrl>

Parameters:

requestMatchers - the RequestMatcher instances that were created

Returns:

the chained Object for the subclass which allows association of something else to the RequestMatcher

withObjectPostProcessor

public AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)

Adds an ObjectPostProcessor for this class.

Parameters:

objectPostProcessor - the ObjectPostProcessor to use

Returns:

the AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>.AuthorizationManagerRequestMatcherRegistry for further customizations

withObjectPostProcessor

@Deprecated(since="6.4",
            forRemoval=true)
public AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)

Deprecated, for removal: This API element is subject to removal in a future version.

shouldFilterAllDispatcherTypes

@Deprecated(since="6.1",
            forRemoval=true)
public AuthorizeHttpRequestsConfigurer<H>.AuthorizationManagerRequestMatcherRegistry shouldFilterAllDispatcherTypes(boolean shouldFilter)

Deprecated, for removal: This API element is subject to removal in a future version.

Permit access to the DispatcherType instead.

 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {

        @Bean
        public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
                http
                        .authorizeHttpRequests((authorize) -> authorize
                                .dispatcherTypeMatchers(DispatcherType.ERROR).permitAll()
                                // ...
                        );
                return http.build();
        }
 }
 

Sets whether all dispatcher types should be filtered.

Parameters:

shouldFilter - should filter all dispatcher types. Default is true

Returns:

the AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>.AuthorizationManagerRequestMatcherRegistry for further customizations

Since:

5.7

and

@Deprecated(since="6.1",
            forRemoval=true)
public H and()

Deprecated, for removal: This API element is subject to removal in a future version.

For removal in 7.0. Use the lambda based configuration instead.

Return the HttpSecurityBuilder when done using the AuthorizeHttpRequestsConfigurer. This is useful for method chaining.

Returns:

the HttpSecurityBuilder for further customizations