Class UrlAuthorizationConfigurer.AuthorizedUrl
java.lang.Object
org.springframework.security.config.annotation.web.configurers.UrlAuthorizationConfigurer.AuthorizedUrl
- Enclosing class:
- UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
Maps the specified
RequestMatcher
instances to ConfigAttribute
instances.- Since:
- 3.2
-
Method Summary
Modifier and TypeMethodDescriptionSpecifies that the user must have the specifiedConfigAttribute
'sSpecifies that an anonymous user is allowed accessprotected List<? extends RequestMatcher>
hasAnyAuthority
(String... authorities) Specifies that a user requires one of many authoritieshasAnyRole
(String... roles) Specifies that a user requires one of many roles.hasAuthority
(String authority) Specifies a user requires an authority.Specifies a user requires a role.
-
Method Details
-
hasRole
Specifies a user requires a role.- Parameters:
role
- the role that should be required which is prepended with ROLE_ automatically (i.e. USER, ADMIN, etc). It should not start with ROLE_ theUrlAuthorizationConfigurer
for further customization
-
hasAnyRole
Specifies that a user requires one of many roles.- Parameters:
roles
- the roles that the user should have at least one of (i.e. ADMIN, USER, etc). Each role should not start with ROLE_ since it is automatically prepended already.- Returns:
- the
UrlAuthorizationConfigurer
for further customization
-
hasAuthority
Specifies a user requires an authority.- Parameters:
authority
- the authority that should be required- Returns:
- the
UrlAuthorizationConfigurer
for further customization
-
hasAnyAuthority
public UrlAuthorizationConfigurer<H>.StandardInterceptUrlRegistry hasAnyAuthority(String... authorities) Specifies that a user requires one of many authorities- Parameters:
authorities
- the authorities that the user should have at least one of (i.e. ROLE_USER, ROLE_ADMIN, etc).- Returns:
- the
UrlAuthorizationConfigurer
for further customization
-
anonymous
Specifies that an anonymous user is allowed access- Returns:
- the
UrlAuthorizationConfigurer
for further customization
-
access
Specifies that the user must have the specifiedConfigAttribute
's- Parameters:
attributes
- theConfigAttribute
's that restrict access to a URL- Returns:
- the
UrlAuthorizationConfigurer
for further customization
-
getMatchers
-