Class RequestMatcherDelegatingAuthorizationManager.Builder.AuthorizedUrl
java.lang.Object
org.springframework.security.web.access.intercept.RequestMatcherDelegatingAuthorizationManager.Builder.AuthorizedUrl
- Enclosing class:
- RequestMatcherDelegatingAuthorizationManager.Builder
public final class RequestMatcherDelegatingAuthorizationManager.Builder.AuthorizedUrl
extends Object
An object that allows configuring the
AuthorizationManager
for
RequestMatcher
s.- Since:
- 6.2
-
Method Summary
Modifier and TypeMethodDescriptionSpecify that URLs are allowed by anonymous users.Specify that URLs are allowed by any authenticated user.denyAll()
Specify that URLs are not allowed by anyone.Specify that URLs are allowed by users who have authenticated and were not "remembered".hasAnyAuthority
(String... authorities) Specifies that a user requires one of many authorities.hasAnyRole
(String... roles) Specifies that a user requires one of many roles.hasAuthority
(String authority) Specifies a user requires an authority.Specifies a user requires a role.Specify that URLs are allowed by anyone.Specify that URLs are allowed by users that have been remembered.
-
Method Details
-
permitAll
Specify that URLs are allowed by anyone.- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
denyAll
Specify that URLs are not allowed by anyone.- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
authenticated
Specify that URLs are allowed by any authenticated user.- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
fullyAuthenticated
Specify that URLs are allowed by users who have authenticated and were not "remembered".- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customization
-
rememberMe
Specify that URLs are allowed by users that have been remembered.- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customization
-
anonymous
Specify that URLs are allowed by anonymous users.- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customization
-
hasRole
Specifies a user requires a role.- Parameters:
role
- the role that should be required which is prepended with ROLE_ automatically (i.e. USER, ADMIN, etc). It should not start with ROLE_- Returns:
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
hasAnyRole
Specifies that a user requires one of many roles.- Parameters:
roles
- the roles that the user should have at least one of (i.e. ADMIN, USER, etc). Each role should not start with ROLE_ since it is automatically prepended already- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
hasAuthority
Specifies a user requires an authority.- Parameters:
authority
- the authority that should be required- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-
hasAnyAuthority
Specifies that a user requires one of many authorities.- Parameters:
authorities
- the authorities that the user should have at least one of (i.e. ROLE_USER, ROLE_ADMIN, etc)- Returns:
- the
RequestMatcherDelegatingAuthorizationManager.Builder
for further customizations
-