Package org.springframework.security.config.annotation.web

Interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>

Type Parameters:

H -

All Superinterfaces:

SecurityBuilder<DefaultSecurityFilterChain>

All Known Implementing Classes:

HttpSecurity

public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
extends SecurityBuilder<DefaultSecurityFilterChain>

Method Summary

Modifier and Type	Method	Description
H	addFilter(jakarta.servlet.Filter filter)	Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
H	addFilterAfter(jakarta.servlet.Filter filter, Class<? extends jakarta.servlet.Filter> afterFilter)	Allows adding a Filter after one of the known Filter classes.
H	addFilterBefore(jakarta.servlet.Filter filter, Class<? extends jakarta.servlet.Filter> beforeFilter)	Allows adding a Filter before one of the known Filter classes.
H	authenticationProvider(AuthenticationProvider authenticationProvider)	Allows adding an additional AuthenticationProvider to be used
<C extends SecurityConfigurer<DefaultSecurityFilterChain, H>> C	getConfigurer(Class<C> clazz)	Gets the SecurityConfigurer by its class name or null if not found.
<C> C	getSharedObject(Class<C> sharedType)	Gets a shared Object.
<C extends SecurityConfigurer<DefaultSecurityFilterChain, H>> C	removeConfigurer(Class<C> clazz)	Removes the SecurityConfigurer by its class name or null if not found.
<C> void	setSharedObject(Class<C> sharedType, C object)	Sets an object that is shared by multiple SecurityConfigurer.
H	userDetailsService(UserDetailsService userDetailsService)	Allows adding an additional UserDetailsService to be used

Methods inherited from interface org.springframework.security.config.annotation.SecurityBuilder

build

Method Details

getConfigurer

<C extends SecurityConfigurer<DefaultSecurityFilterChain,
H>>
C getConfigurer(Class<C> clazz)

Gets the SecurityConfigurer by its class name or null if not found. Note that object hierarchies are not considered.

Parameters:

clazz - the Class of the SecurityConfigurer to attempt to get.

removeConfigurer

<C extends SecurityConfigurer<DefaultSecurityFilterChain,
H>>
C removeConfigurer(Class<C> clazz)

Removes the SecurityConfigurer by its class name or null if not found. Note that object hierarchies are not considered.

Parameters:

clazz - the Class of the SecurityConfigurer to attempt to remove.

Returns:

the SecurityConfigurer that was removed or null if not found

setSharedObject

<C> void setSharedObject(Class<C> sharedType,
 C object)

Sets an object that is shared by multiple SecurityConfigurer.

Parameters:

sharedType - the Class to key the shared object by.

object - the Object to store

getSharedObject

<C> C getSharedObject(Class<C> sharedType)

Gets a shared Object. Note that object heirarchies are not considered.

Parameters:

sharedType - the type of the shared Object

Returns:

the shared Object or null if it is not found

authenticationProvider

H authenticationProvider(AuthenticationProvider authenticationProvider)

Allows adding an additional AuthenticationProvider to be used

Parameters:

authenticationProvider - the AuthenticationProvider to be added

Returns:

the HttpSecurity for further customizations

userDetailsService

H userDetailsService(UserDetailsService userDetailsService)
              throws Exception

Allows adding an additional UserDetailsService to be used

Parameters:

userDetailsService - the UserDetailsService to be added

Returns:

the HttpSecurity for further customizations

Throws:

Exception

addFilterAfter

H addFilterAfter(jakarta.servlet.Filter filter,
 Class<? extends jakarta.servlet.Filter> afterFilter)

Allows adding a Filter after one of the known Filter classes. The known Filter instances are either a Filter listed in addFilter(Filter) or a Filter that has already been added using addFilterAfter(Filter, Class) or addFilterBefore(Filter, Class).

Parameters:

filter - the Filter to register after the type afterFilter

afterFilter - the Class of the known Filter.

Returns:

the HttpSecurity for further customizations

addFilterBefore

H addFilterBefore(jakarta.servlet.Filter filter,
 Class<? extends jakarta.servlet.Filter> beforeFilter)

Allows adding a Filter before one of the known Filter classes. The known Filter instances are either a Filter listed in addFilter(Filter) or a Filter that has already been added using addFilterAfter(Filter, Class) or addFilterBefore(Filter, Class).

Parameters:

filter - the Filter to register before the type beforeFilter

beforeFilter - the Class of the known Filter.

Returns:

the HttpSecurity for further customizations

addFilter

H addFilter(jakarta.servlet.Filter filter)

Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework. The method ensures that the ordering of the Filters is automatically taken care of. The ordering of the Filters is:

• DisableEncodeUrlFilter
• ForceEagerSessionCreationFilter
• ChannelProcessingFilter
• WebAsyncManagerIntegrationFilter
• SecurityContextHolderFilter
• SecurityContextPersistenceFilter
• HeaderWriterFilter
• CorsFilter
• CsrfFilter
• LogoutFilter
• OAuth2AuthorizationRequestRedirectFilter
• Saml2WebSsoAuthenticationRequestFilter
• X509AuthenticationFilter
• AbstractPreAuthenticatedProcessingFilter
• CasAuthenticationFilter
• OAuth2LoginAuthenticationFilter
• Saml2WebSsoAuthenticationFilter
• UsernamePasswordAuthenticationFilter
• DefaultLoginPageGeneratingFilter
• DefaultLogoutPageGeneratingFilter
• ConcurrentSessionFilter
• DigestAuthenticationFilter
• BearerTokenAuthenticationFilter
• BasicAuthenticationFilter
• RequestCacheAwareFilter
• SecurityContextHolderAwareRequestFilter
• JaasApiIntegrationFilter
• RememberMeAuthenticationFilter
• AnonymousAuthenticationFilter
• OAuth2AuthorizationCodeGrantFilter
• SessionManagementFilter
• ExceptionTranslationFilter
• FilterSecurityInterceptor
• AuthorizationFilter
• SwitchUserFilter

Parameters:

filter - the Filter to add

Returns:

the HttpSecurity for further customizations