|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.config.annotation.SecurityConfigurerAdapter<O,B> org.springframework.security.config.annotation.web.AbstractRequestMatcherConfigurer<B,C,O> org.springframework.security.config.annotation.web.configurers.AbstractRequestMatcherMappingConfigurer<H,R,DefaultSecurityFilterChain> org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer<H,C>
H
- the type of HttpSecurityBuilder
that is being configuredC
- the type of object that is being chainedpublic final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>,C>
Adds URL based authorization using DefaultFilterInvocationSecurityMetadataSource
. At least one
RequestMapping
needs to be mapped to ConfigAttribute
's for
this SecurityContextConfigurer
to have meaning.
SecurityConfigurer
's to customize:
org.springframework.security.config.annotation.web.builders.HttpSecurity#getAuthenticationManager()
ExpressionUrlAuthorizationConfigurer
Nested Class Summary | |
---|---|
class |
UrlAuthorizationConfigurer.AuthorizedUrl
Maps the specified RequestMatcher instances to ConfigAttribute instances. |
Constructor Summary | |
---|---|
UrlAuthorizationConfigurer()
|
Method Summary | |
---|---|
C |
accessDecisionManager(AccessDecisionManager accessDecisionManager)
Allows setting the AccessDecisionManager . |
protected UrlAuthorizationConfigurer.AuthorizedUrl |
chainRequestMatchersInternal(List<RequestMatcher> requestMatchers)
Chains the RequestMatcher creation to the UrlAuthorizationConfigurer.AuthorizedUrl class. |
void |
configure(H http)
Configure the SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
C |
filterSecurityInterceptorOncePerRequest(boolean filterSecurityInterceptorOncePerRequest)
Allows setting if the FilterSecurityInterceptor should be only applied once per request (i.e. |
UrlAuthorizationConfigurer<H,C> |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Adds an ObjectPostProcessor for this class. |
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractRequestMatcherMappingConfigurer |
---|
chainRequestMatchers |
Methods inherited from class org.springframework.security.config.annotation.web.AbstractRequestMatcherConfigurer |
---|
antMatchers, antMatchers, anyRequest, regexMatchers, regexMatchers, requestMatchers |
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter |
---|
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Methods inherited from interface org.springframework.security.config.annotation.SecurityConfigurer |
---|
init |
Constructor Detail |
---|
public UrlAuthorizationConfigurer()
Method Detail |
---|
public UrlAuthorizationConfigurer<H,C> withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
ObjectPostProcessor
for this class.
objectPostProcessor
-
UrlAuthorizationConfigurer
for further customizationsprotected UrlAuthorizationConfigurer.AuthorizedUrl chainRequestMatchersInternal(List<RequestMatcher> requestMatchers)
RequestMatcher
creation to the UrlAuthorizationConfigurer.AuthorizedUrl
class.
chainRequestMatchersInternal
in class AbstractRequestMatcherMappingConfigurer<H extends HttpSecurityBuilder<H>,UrlAuthorizationConfigurer.AuthorizedUrl,DefaultSecurityFilterChain>
requestMatchers
- the RequestMatcher
instances that were created
RequestMatcher
public C accessDecisionManager(AccessDecisionManager accessDecisionManager)
AccessDecisionManager
. If none is provided, a default is
created.
accessDecisionManager
- the AccessDecisionManager
to use
AbstractInterceptUrlConfigurer
for further customizationpublic C filterSecurityInterceptorOncePerRequest(boolean filterSecurityInterceptorOncePerRequest)
FilterSecurityInterceptor
should be only applied once per request (i.e. if the
filter intercepts on a forward, should it be applied again).
filterSecurityInterceptorOncePerRequest
- if the FilterSecurityInterceptor
should be only applied
once per request
AbstractInterceptUrlConfigurer
for further customizationpublic void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.
configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |