Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.web.configurers
Class ExpressionUrlAuthorizationConfigurer.AuthorizedUrl

java.lang.Object
  extended by org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
Enclosing class:
ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
public final class ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
extends Object

Method Summary
 ExpressionUrlAuthorizationConfigurer<H> access(String attribute)
          Allows specifying that URLs are secured by an arbitrary expression
 ExpressionUrlAuthorizationConfigurer<H> anonymous()
          Specify that URLs are allowed by anonymous users.
 ExpressionUrlAuthorizationConfigurer<H> authenticated()
          Specify that URLs are allowed by any authenticated user.
 ExpressionUrlAuthorizationConfigurer<H> denyAll()
          Specify that URLs are not allowed by anyone.
 ExpressionUrlAuthorizationConfigurer<H> fullyAuthenticated()
          Specify that URLs are allowed by users who have authenticated and were not "remembered".
 ExpressionUrlAuthorizationConfigurer<H> hasAnyAuthority(String... authorities)
          Specify that URLs requires any of a number authorities.
 ExpressionUrlAuthorizationConfigurer<H> hasAuthority(String authority)
          Specify that URLs require a particular authority.
 ExpressionUrlAuthorizationConfigurer<H> hasIpAddress(String ipaddressExpression)
          Specify that URLs requires a specific IP Address or subnet.
 ExpressionUrlAuthorizationConfigurer<H> hasRole(String role)
          Shortcut for specifying URLs require a particular role.
 ExpressionUrlAuthorizationConfigurer.AuthorizedUrl not()
          Negates the following expression.
 ExpressionUrlAuthorizationConfigurer<H> permitAll()
          Specify that URLs are allowed by anyone.
 ExpressionUrlAuthorizationConfigurer<H> rememberMe()
          Specify that URLs are allowed by users that have been remembered.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

not

public ExpressionUrlAuthorizationConfigurer.AuthorizedUrl not()
Negates the following expression.

Parameters:
role - the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

hasRole

public ExpressionUrlAuthorizationConfigurer<H> hasRole(String role)
Shortcut for specifying URLs require a particular role. If you do not want to have "ROLE_" automatically inserted see hasAuthority(String).

Parameters:
role - the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

hasAuthority

public ExpressionUrlAuthorizationConfigurer<H> hasAuthority(String authority)
Specify that URLs require a particular authority.

Parameters:
authority - the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

hasAnyAuthority

public ExpressionUrlAuthorizationConfigurer<H> hasAnyAuthority(String... authorities)
Specify that URLs requires any of a number authorities.

Parameters:
authorities - the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is required).
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

hasIpAddress

public ExpressionUrlAuthorizationConfigurer<H> hasIpAddress(String ipaddressExpression)
Specify that URLs requires a specific IP Address or subnet.

Parameters:
ipaddressExpression - the ipaddress (i.e. 192.168.1.79) or local subnet (i.e. 192.168.0/24)
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

permitAll

public ExpressionUrlAuthorizationConfigurer<H> permitAll()
Specify that URLs are allowed by anyone.

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

anonymous

public ExpressionUrlAuthorizationConfigurer<H> anonymous()
Specify that URLs are allowed by anonymous users.

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

rememberMe

public ExpressionUrlAuthorizationConfigurer<H> rememberMe()
Specify that URLs are allowed by users that have been remembered.

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization
See Also:
RememberMeConfigurer}

denyAll

public ExpressionUrlAuthorizationConfigurer<H> denyAll()
Specify that URLs are not allowed by anyone.

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

authenticated

public ExpressionUrlAuthorizationConfigurer<H> authenticated()
Specify that URLs are allowed by any authenticated user.

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization

fullyAuthenticated

public ExpressionUrlAuthorizationConfigurer<H> fullyAuthenticated()
Specify that URLs are allowed by users who have authenticated and were not "remembered".

Returns:
the ExpressionUrlAuthorizationConfigurer for further customization
See Also:
RememberMeConfigurer}

access

public ExpressionUrlAuthorizationConfigurer<H> access(String attribute)
Allows specifying that URLs are secured by an arbitrary expression

Parameters:
attribute - the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")
Returns:
the ExpressionUrlAuthorizationConfigurer for further customization
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD