Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.web.configurers
Class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>,C>

java.lang.Object
  extended by org.springframework.security.config.annotation.SecurityConfigurerAdapter<O,B>
      extended by org.springframework.security.config.annotation.web.AbstractRequestMatcherConfigurer<B,C,O>
          extended by org.springframework.security.config.annotation.web.configurers.AbstractRequestMatcherMappingConfigurer<H,R,DefaultSecurityFilterChain>
              extended by org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer<H,C>
Type Parameters:
H - the type of HttpSecurityBuilder that is being configured
C - the type of object that is being chained
All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,H>
public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>,C>
extends AbstractRequestMatcherMappingConfigurer<H,R,DefaultSecurityFilterChain>

Adds URL based authorization using DefaultFilterInvocationSecurityMetadataSource. At least one RequestMapping needs to be mapped to ConfigAttribute's for this SecurityContextConfigurer to have meaning.

Security Filters

The following Filters are populated

Shared Objects Created

The following shared objects are populated to allow other SecurityConfigurer's to customize:

Shared Objects Used

The following shared objects are used:

Since:
3.2
See Also:
ExpressionUrlAuthorizationConfigurer

Nested Class Summary
 class UrlAuthorizationConfigurer.AuthorizedUrl
          Maps the specified RequestMatcher instances to ConfigAttribute instances.
 
Constructor Summary
UrlAuthorizationConfigurer()
           
 
Method Summary
 C accessDecisionManager(AccessDecisionManager accessDecisionManager)
          Allows setting the AccessDecisionManager.
protected  UrlAuthorizationConfigurer.AuthorizedUrl chainRequestMatchersInternal(List<RequestMatcher> requestMatchers)
          Chains the RequestMatcher creation to the UrlAuthorizationConfigurer.AuthorizedUrl class.
 void configure(H http)
          Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
 C filterSecurityInterceptorOncePerRequest(boolean filterSecurityInterceptorOncePerRequest)
          Allows setting if the FilterSecurityInterceptor should be only applied once per request (i.e.
 UrlAuthorizationConfigurer<H,C> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
          Adds an ObjectPostProcessor for this class.
 
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractRequestMatcherMappingConfigurer
chainRequestMatchers
 
Methods inherited from class org.springframework.security.config.annotation.web.AbstractRequestMatcherConfigurer
antMatchers, antMatchers, anyRequest, regexMatchers, regexMatchers, requestMatchers
 
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.springframework.security.config.annotation.SecurityConfigurer
init
 

Constructor Detail

UrlAuthorizationConfigurer

public UrlAuthorizationConfigurer()
Method Detail

withObjectPostProcessor

public UrlAuthorizationConfigurer<H,C> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Adds an ObjectPostProcessor for this class.

Parameters:
objectPostProcessor -
Returns:
the UrlAuthorizationConfigurer for further customizations

chainRequestMatchersInternal

protected UrlAuthorizationConfigurer.AuthorizedUrl chainRequestMatchersInternal(List<RequestMatcher> requestMatchers)
Chains the RequestMatcher creation to the UrlAuthorizationConfigurer.AuthorizedUrl class.

Specified by:
chainRequestMatchersInternal in class AbstractRequestMatcherMappingConfigurer<H extends HttpSecurityBuilder<H>,UrlAuthorizationConfigurer.AuthorizedUrl,DefaultSecurityFilterChain>
Parameters:
requestMatchers - the RequestMatcher instances that were created
Returns:
the chained Object for the subclass which allows association of something else to the RequestMatcher

accessDecisionManager

public C accessDecisionManager(AccessDecisionManager accessDecisionManager)
Allows setting the AccessDecisionManager. If none is provided, a default is created.

Parameters:
accessDecisionManager - the AccessDecisionManager to use
Returns:
the AbstractInterceptUrlConfigurer for further customization

filterSecurityInterceptorOncePerRequest

public C filterSecurityInterceptorOncePerRequest(boolean filterSecurityInterceptorOncePerRequest)
Allows setting if the FilterSecurityInterceptor should be only applied once per request (i.e. if the filter intercepts on a forward, should it be applied again).

Parameters:
filterSecurityInterceptorOncePerRequest - if the FilterSecurityInterceptor should be only applied once per request
Returns:
the AbstractInterceptUrlConfigurer for further customization

configure

public void configure(H http)
               throws Exception
Description copied from interface: SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:
configure in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Overrides:
configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Throws:
Exception
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD