Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.web.configurers
Class AnonymousConfigurer<H extends HttpSecurityBuilder<H>>

java.lang.Object
  extended by org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
      extended by org.springframework.security.config.annotation.web.configurers.AnonymousConfigurer<H>
All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,H>
public final class AnonymousConfigurer<H extends HttpSecurityBuilder<H>>
extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>

Configures Anonymous authentication (i.e. populate an Authentication that represents an anonymous user instead of having a null value) for an HttpSecurity. Specifically this will configure an AnonymousAuthenticationFilter and an AnonymousAuthenticationProvider. All properties have reasonable defaults, so no additional configuration is required other than applying this SecurityConfigurer.

Since:
3.2

Constructor Summary
AnonymousConfigurer()
          Creates a new instance
 
Method Summary
 AnonymousConfigurer<H> authenticationFilter(AnonymousAuthenticationFilter authenticationFilter)
          Sets the AnonymousAuthenticationFilter used to populate an anonymous user.
 AnonymousConfigurer<H> authenticationProvider(AuthenticationProvider authenticationProvider)
          Sets the AuthenticationProvider used to validate an anonymous user.
 AnonymousConfigurer<H> authorities(List<GrantedAuthority> authorities)
          Sets the Authentication.getAuthorities() for anonymous users
 AnonymousConfigurer<H> authorities(String... authorities)
          Sets the Authentication.getAuthorities() for anonymous users
 void configure(H http)
          Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
 B disable()
          Disables the AbstractHttpConfigurer by removing it.
 void init(H http)
          Initialize the SecurityBuilder.
 AnonymousConfigurer<H> key(String key)
          Sets the key to identify tokens created for anonymous authentication.
 AnonymousConfigurer<H> principal(Object principal)
          Sets the principal for Authentication objects of anonymous users
 T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
           
 
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AnonymousConfigurer

public AnonymousConfigurer()
Creates a new instance

See Also:
HttpSecurity.anonymous()
Method Detail

key

public AnonymousConfigurer<H> key(String key)
Sets the key to identify tokens created for anonymous authentication. Default is a secure randomly generated key.

Parameters:
key - the key to identify tokens created for anonymous authentication. Default is a secure randomly generated key.
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

principal

public AnonymousConfigurer<H> principal(Object principal)
Sets the principal for Authentication objects of anonymous users

Parameters:
principal - used for the Authentication object of anonymous users
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

authorities

public AnonymousConfigurer<H> authorities(List<GrantedAuthority> authorities)
Sets the Authentication.getAuthorities() for anonymous users

Parameters:
authorities - Sets the Authentication.getAuthorities() for anonymous users
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

authorities

public AnonymousConfigurer<H> authorities(String... authorities)
Sets the Authentication.getAuthorities() for anonymous users

Parameters:
authorities - Sets the Authentication.getAuthorities() for anonymous users (i.e. "ROLE_ANONYMOUS")
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

authenticationProvider

public AnonymousConfigurer<H> authenticationProvider(AuthenticationProvider authenticationProvider)
Sets the AuthenticationProvider used to validate an anonymous user. If this is set, no attributes on the AnonymousConfigurer will be set on the AuthenticationProvider.

Parameters:
authenticationProvider - the AuthenticationProvider used to validate an anonymous user. Default is AnonymousAuthenticationProvider
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

authenticationFilter

public AnonymousConfigurer<H> authenticationFilter(AnonymousAuthenticationFilter authenticationFilter)
Sets the AnonymousAuthenticationFilter used to populate an anonymous user. If this is set, no attributes on the AnonymousConfigurer will be set on the AnonymousAuthenticationFilter.

Parameters:
authenticationFilter - the AnonymousAuthenticationFilter used to populate an anonymous user.
Returns:
the AnonymousConfigurer for further customization of anonymous authentication

init

public void init(H http)
          throws Exception
Description copied from interface: SecurityConfigurer
Initialize the SecurityBuilder. Here only shared state should be created and modified, but not properties on the SecurityBuilder used for building the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder) method uses the correct shared objects when building.

Specified by:
init in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Overrides:
init in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Throws:
Exception

configure

public void configure(H http)
               throws Exception
Description copied from interface: SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:
configure in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Overrides:
configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Throws:
Exception

disable

public B disable()
Disables the AbstractHttpConfigurer by removing it. After doing so a fresh version of the configuration can be applied.

Returns:
the HttpSecurityBuilder for additional customizations

withObjectPostProcessor

public T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD