Class AuthorizeHttpRequestsConfigurer.AuthorizedUrl
- java.lang.Object
-
- org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer.AuthorizedUrl
-
- Direct Known Subclasses:
AuthorizeHttpRequestsConfigurer.MvcMatchersAuthorizedUrl
- Enclosing class:
- AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder<H>>
public class AuthorizeHttpRequestsConfigurer.AuthorizedUrl extends java.lang.Object
An object that allows configuring theAuthorizationManager
forRequestMatcher
s.
-
-
Method Summary
-
-
-
Method Detail
-
getMatchers
protected java.util.List<? extends RequestMatcher> getMatchers()
-
permitAll
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry permitAll()
Specify that URLs are allowed by anyone.- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
denyAll
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry denyAll()
Specify that URLs are not allowed by anyone.- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
hasRole
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry hasRole(java.lang.String role)
Specifies a user requires a role.- Parameters:
role
- the role that should be required which is prepended with ROLE_ automatically (i.e. USER, ADMIN, etc). It should not start with ROLE_- Returns:
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
hasAnyRole
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry hasAnyRole(java.lang.String... roles)
Specifies that a user requires one of many roles.- Parameters:
roles
- the roles that the user should have at least one of (i.e. ADMIN, USER, etc). Each role should not start with ROLE_ since it is automatically prepended already- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
hasAuthority
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry hasAuthority(java.lang.String authority)
Specifies a user requires an authority.- Parameters:
authority
- the authority that should be required- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
hasAnyAuthority
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry hasAnyAuthority(java.lang.String... authorities)
Specifies that a user requires one of many authorities.- Parameters:
authorities
- the authorities that the user should have at least one of (i.e. ROLE_USER, ROLE_ADMIN, etc)- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
authenticated
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry authenticated()
Specify that URLs are allowed by any authenticated user.- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
access
public AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry access(AuthorizationManager<RequestAuthorizationContext> manager)
Allows specifying a customAuthorizationManager
.- Parameters:
manager
- theAuthorizationManager
to use- Returns:
- the
AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry
for further customizations
-
-