public class MessageSecurityMetadataSourceRegistry.Constraint extends Object
MessageMatcher
instances.Modifier and Type | Method and Description |
---|---|
MessageSecurityMetadataSourceRegistry |
access(String attribute)
Allows specifying that Messages are secured by an arbitrary expression
|
MessageSecurityMetadataSourceRegistry |
anonymous()
Specify that Messages are allowed by anonymous users.
|
MessageSecurityMetadataSourceRegistry |
authenticated()
Specify that Messages are allowed by any authenticated user.
|
MessageSecurityMetadataSourceRegistry |
denyAll()
Specify that Messages are not allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not
"remembered".
|
MessageSecurityMetadataSourceRegistry |
hasAnyAuthority(String... authorities)
Specify that
Message instances requires any of a number authorities. |
MessageSecurityMetadataSourceRegistry |
hasAnyRole(String... roles)
Shortcut for specifying
Message instances require any of a number of
roles. |
MessageSecurityMetadataSourceRegistry |
hasAuthority(String authority)
Specify that
Message instances require a particular authority. |
MessageSecurityMetadataSourceRegistry |
hasRole(String role)
Shortcut for specifying
Message instances require a particular role. |
MessageSecurityMetadataSourceRegistry |
permitAll()
Specify that Messages are allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
rememberMe()
Specify that Messages are allowed by users that have been remembered.
|
public MessageSecurityMetadataSourceRegistry hasRole(String role)
Message
instances require a particular role. If
you do not want to have "ROLE_" automatically inserted see
hasAuthority(String)
.role
- the role to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyRole(String... roles)
Message
instances require any of a number of
roles. If you do not want to have "ROLE_" automatically inserted see
hasAnyAuthority(String...)
roles
- the roles to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAuthority(String authority)
Message
instances require a particular authority.authority
- the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyAuthority(String... authorities)
Message
instances requires any of a number authorities.authorities
- the requests require at least one of the authorities (i.e.
"ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is
required).MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry permitAll()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry anonymous()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry rememberMe()
MessageSecurityMetadataSourceRegistry
for further
customizationRememberMeConfigurer}
public MessageSecurityMetadataSourceRegistry denyAll()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry authenticated()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry fullyAuthenticated()
MessageSecurityMetadataSourceRegistry
for further
customizationRememberMeConfigurer}
public MessageSecurityMetadataSourceRegistry access(String attribute)
attribute
- the expression to secure the URLs (i.e.
"hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")MessageSecurityMetadataSourceRegistry
for further
customization