public final class MessageSecurityMetadataSourceRegistry.Constraint
extends java.lang.Object
MessageMatcher
instances.Modifier and Type | Method and Description |
---|---|
MessageSecurityMetadataSourceRegistry |
access(java.lang.String attribute)
Allows specifying that Messages are secured by an arbitrary expression
|
MessageSecurityMetadataSourceRegistry |
anonymous()
Specify that Messages are allowed by anonymous users.
|
MessageSecurityMetadataSourceRegistry |
authenticated()
Specify that Messages are allowed by any authenticated user.
|
MessageSecurityMetadataSourceRegistry |
denyAll()
Specify that Messages are not allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not
"remembered".
|
MessageSecurityMetadataSourceRegistry |
hasAnyAuthority(java.lang.String... authorities)
Specify that
Message instances requires any of a number authorities. |
MessageSecurityMetadataSourceRegistry |
hasAnyRole(java.lang.String... roles)
Shortcut for specifying
Message instances require any of a number of
roles. |
MessageSecurityMetadataSourceRegistry |
hasAuthority(java.lang.String authority)
Specify that
Message instances require a particular authority. |
MessageSecurityMetadataSourceRegistry |
hasRole(java.lang.String role)
Shortcut for specifying
Message instances require a particular role. |
MessageSecurityMetadataSourceRegistry |
permitAll()
Specify that Messages are allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
rememberMe()
Specify that Messages are allowed by users that have been remembered.
|
public MessageSecurityMetadataSourceRegistry hasRole(java.lang.String role)
Message
instances require a particular role. If
you do not want to have "ROLE_" automatically inserted see
hasAuthority(String)
.role
- the role to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyRole(java.lang.String... roles)
Message
instances require any of a number of
roles. If you do not want to have "ROLE_" automatically inserted see
hasAnyAuthority(String...)
roles
- the roles to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAuthority(java.lang.String authority)
Message
instances require a particular authority.authority
- the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyAuthority(java.lang.String... authorities)
Message
instances requires any of a number authorities.authorities
- the requests require at least one of the authorities (i.e.
"ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is
required).MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry permitAll()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry anonymous()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry rememberMe()
MessageSecurityMetadataSourceRegistry
for further
customizationRememberMeConfigurer
public MessageSecurityMetadataSourceRegistry denyAll()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry authenticated()
MessageSecurityMetadataSourceRegistry
for further
customizationpublic MessageSecurityMetadataSourceRegistry fullyAuthenticated()
MessageSecurityMetadataSourceRegistry
for further
customizationRememberMeConfigurer
public MessageSecurityMetadataSourceRegistry access(java.lang.String attribute)
attribute
- the expression to secure the URLs (i.e. "hasRole('ROLE_USER')
and hasRole('ROLE_SUPER')")MessageSecurityMetadataSourceRegistry
for further
customization