Package org.springframework.security.config.web.server

Class ServerHttpSecurity.AnonymousSpec

java.lang.Object

org.springframework.security.config.web.server.ServerHttpSecurity.AnonymousSpec

Enclosing class:

ServerHttpSecurity

public final class ServerHttpSecurity.AnonymousSpec
extends Object

Configures anonymous authentication

Since:

5.2.0

Method Summary

Modifier and Type	Method	Description
ServerHttpSecurity	and()	Deprecated, for removal: This API element is subject to removal in a future version. For removal in 7.0.
ServerHttpSecurity.AnonymousSpec	authenticationFilter(AnonymousAuthenticationWebFilter authenticationFilter)	Sets the AnonymousAuthenticationWebFilter used to populate an anonymous user.
ServerHttpSecurity.AnonymousSpec	authorities(String... authorities)	Sets the Authentication.getAuthorities() for anonymous users
ServerHttpSecurity.AnonymousSpec	authorities(List<GrantedAuthority> authorities)	Sets the Authentication.getAuthorities() for anonymous users
protected void	configure(ServerHttpSecurity http)
ServerHttpSecurity	disable()	Disables anonymous authentication.
ServerHttpSecurity.AnonymousSpec	key(String key)	Sets the key to identify tokens created for anonymous authentication.
ServerHttpSecurity.AnonymousSpec	principal(Object principal)	Sets the principal for Authentication objects of anonymous users

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

key

public ServerHttpSecurity.AnonymousSpec key(String key)

Sets the key to identify tokens created for anonymous authentication. Default is a secure randomly generated key.

Parameters:

key - the key to identify tokens created for anonymous authentication. Default is a secure randomly generated key.

Returns:

the ServerHttpSecurity.AnonymousSpec for further customization of anonymous authentication

principal

public ServerHttpSecurity.AnonymousSpec principal(Object principal)

Sets the principal for Authentication objects of anonymous users

Parameters:

principal - used for the Authentication object of anonymous users

Returns:

the ServerHttpSecurity.AnonymousSpec for further customization of anonymous authentication

authorities

public ServerHttpSecurity.AnonymousSpec authorities(List<GrantedAuthority> authorities)

Sets the Authentication.getAuthorities() for anonymous users

Parameters:

authorities - Sets the Authentication.getAuthorities() for anonymous users

Returns:

the ServerHttpSecurity.AnonymousSpec for further customization of anonymous authentication

authorities

public ServerHttpSecurity.AnonymousSpec authorities(String... authorities)

Sets the Authentication.getAuthorities() for anonymous users

Parameters:

authorities - Sets the Authentication.getAuthorities() for anonymous users (i.e. "ROLE_ANONYMOUS")

Returns:

the ServerHttpSecurity.AnonymousSpec for further customization of anonymous authentication

authenticationFilter

public ServerHttpSecurity.AnonymousSpec authenticationFilter(AnonymousAuthenticationWebFilter authenticationFilter)

Sets the AnonymousAuthenticationWebFilter used to populate an anonymous user. If this is set, no attributes on the ServerHttpSecurity.AnonymousSpec will be set on the AnonymousAuthenticationWebFilter.

Parameters:

authenticationFilter - the AnonymousAuthenticationWebFilter used to populate an anonymous user.

Returns:

the ServerHttpSecurity.AnonymousSpec for further customization of anonymous authentication

and

@Deprecated(since="6.1",
            forRemoval=true)
public ServerHttpSecurity and()

Deprecated, for removal: This API element is subject to removal in a future version.

For removal in 7.0. Use ServerHttpSecurity.anonymous(Customizer) or anonymous(Customizer.withDefaults()) to stick with defaults. See the documentation for more details.

Allows method chaining to continue configuring the ServerHttpSecurity

Returns:

the ServerHttpSecurity to continue configuring

disable

public ServerHttpSecurity disable()

Disables anonymous authentication.

Returns:

the ServerHttpSecurity to continue configuring

configure

protected void configure(ServerHttpSecurity http)