Class MessageSecurityMetadataSourceRegistry.Constraint
- java.lang.Object
-
- org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
-
- Enclosing class:
- MessageSecurityMetadataSourceRegistry
public final class MessageSecurityMetadataSourceRegistry.Constraint extends java.lang.Object
Represents the security constraint to be applied to theMessageMatcher
instances.
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description MessageSecurityMetadataSourceRegistry
access(java.lang.String attribute)
Allows specifying that Messages are secured by an arbitrary expressionMessageSecurityMetadataSourceRegistry
anonymous()
Specify that Messages are allowed by anonymous users.MessageSecurityMetadataSourceRegistry
authenticated()
Specify that Messages are allowed by any authenticated user.MessageSecurityMetadataSourceRegistry
denyAll()
Specify that Messages are not allowed by anyone.MessageSecurityMetadataSourceRegistry
fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not "remembered".MessageSecurityMetadataSourceRegistry
hasAnyAuthority(java.lang.String... authorities)
Specify thatMessage
instances requires any of a number authorities.MessageSecurityMetadataSourceRegistry
hasAnyRole(java.lang.String... roles)
Shortcut for specifyingMessage
instances require any of a number of roles.MessageSecurityMetadataSourceRegistry
hasAuthority(java.lang.String authority)
Specify thatMessage
instances require a particular authority.MessageSecurityMetadataSourceRegistry
hasRole(java.lang.String role)
Shortcut for specifyingMessage
instances require a particular role.MessageSecurityMetadataSourceRegistry
permitAll()
Specify that Messages are allowed by anyone.MessageSecurityMetadataSourceRegistry
rememberMe()
Specify that Messages are allowed by users that have been remembered.
-
-
-
Method Detail
-
hasRole
public MessageSecurityMetadataSourceRegistry hasRole(java.lang.String role)
Shortcut for specifyingMessage
instances require a particular role. If you do not want to have "ROLE_" automatically inserted seehasAuthority(String)
.- Parameters:
role
- the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
hasAnyRole
public MessageSecurityMetadataSourceRegistry hasAnyRole(java.lang.String... roles)
Shortcut for specifyingMessage
instances require any of a number of roles. If you do not want to have "ROLE_" automatically inserted seehasAnyAuthority(String...)
- Parameters:
roles
- the roles to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
hasAuthority
public MessageSecurityMetadataSourceRegistry hasAuthority(java.lang.String authority)
Specify thatMessage
instances require a particular authority.- Parameters:
authority
- the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
hasAnyAuthority
public MessageSecurityMetadataSourceRegistry hasAnyAuthority(java.lang.String... authorities)
Specify thatMessage
instances requires any of a number authorities.- Parameters:
authorities
- the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is required).- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
permitAll
public MessageSecurityMetadataSourceRegistry permitAll()
Specify that Messages are allowed by anyone.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
anonymous
public MessageSecurityMetadataSourceRegistry anonymous()
Specify that Messages are allowed by anonymous users.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
rememberMe
public MessageSecurityMetadataSourceRegistry rememberMe()
Specify that Messages are allowed by users that have been remembered.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization - See Also:
RememberMeConfigurer
-
denyAll
public MessageSecurityMetadataSourceRegistry denyAll()
Specify that Messages are not allowed by anyone.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
authenticated
public MessageSecurityMetadataSourceRegistry authenticated()
Specify that Messages are allowed by any authenticated user.- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
fullyAuthenticated
public MessageSecurityMetadataSourceRegistry fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not "remembered".- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization - See Also:
RememberMeConfigurer
-
access
public MessageSecurityMetadataSourceRegistry access(java.lang.String attribute)
Allows specifying that Messages are secured by an arbitrary expression- Parameters:
attribute
- the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")- Returns:
- the
MessageSecurityMetadataSourceRegistry
for further customization
-
-