Class ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
java.lang.Object
org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl
- Enclosing class:
- ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
-
Method Summary
Modifier and TypeMethodDescriptionAllows specifying that URLs are secured by an arbitrary expressionSpecify that URLs are allowed by anonymous users.Specify that URLs are allowed by any authenticated user.denyAll()
Specify that URLs are not allowed by anyone.Specify that URLs are allowed by users who have authenticated and were not "remembered".protected List<? extends RequestMatcher>
hasAnyAuthority
(String... authorities) Specify that URLs requires any of a number authorities.hasAnyRole
(String... roles) Shortcut for specifying URLs require any of a number of roles.hasAuthority
(String authority) Specify that URLs require a particular authority.hasIpAddress
(String ipaddressExpression) Specify that URLs requires a specific IP Address or subnet.Shortcut for specifying URLs require a particular role.not()
Negates the following expression.Specify that URLs are allowed by anyone.Specify that URLs are allowed by users that have been remembered.
-
Method Details
-
getMatchers
-
not
Negates the following expression.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
hasRole
Shortcut for specifying URLs require a particular role. If you do not want to have role prefix (default "ROLE_") automatically inserted seehasAuthority(String)
.- Parameters:
role
- the role to require (i.e. USER, ADMIN, etc). Note, it should not start with role prefix as this is automatically inserted.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
hasAnyRole
public ExpressionUrlAuthorizationConfigurer<H>.ExpressionInterceptUrlRegistry hasAnyRole(String... roles) Shortcut for specifying URLs require any of a number of roles. If you do not want to have role prefix (default "ROLE_") automatically inserted seehasAnyAuthority(String...)
- Parameters:
roles
- the roles to require (i.e. USER, ADMIN, etc). Note, it should not start with role prefix as this is automatically inserted.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
hasAuthority
public ExpressionUrlAuthorizationConfigurer<H>.ExpressionInterceptUrlRegistry hasAuthority(String authority) Specify that URLs require a particular authority.- Parameters:
authority
- the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
hasAnyAuthority
public ExpressionUrlAuthorizationConfigurer<H>.ExpressionInterceptUrlRegistry hasAnyAuthority(String... authorities) Specify that URLs requires any of a number authorities.- Parameters:
authorities
- the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is required).- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
hasIpAddress
public ExpressionUrlAuthorizationConfigurer<H>.ExpressionInterceptUrlRegistry hasIpAddress(String ipaddressExpression) Specify that URLs requires a specific IP Address or subnet.- Parameters:
ipaddressExpression
- the ipaddress (i.e. 192.168.1.79) or local subnet (i.e. 192.168.0/24)- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
permitAll
Specify that URLs are allowed by anyone.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
anonymous
Specify that URLs are allowed by anonymous users.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
rememberMe
Specify that URLs are allowed by users that have been remembered.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization - See Also:
-
denyAll
Specify that URLs are not allowed by anyone.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
authenticated
Specify that URLs are allowed by any authenticated user.- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-
fullyAuthenticated
Specify that URLs are allowed by users who have authenticated and were not "remembered".- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization - See Also:
-
access
public ExpressionUrlAuthorizationConfigurer<H>.ExpressionInterceptUrlRegistry access(String attribute) Allows specifying that URLs are secured by an arbitrary expression- Parameters:
attribute
- the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")- Returns:
- the
ExpressionUrlAuthorizationConfigurer
for further customization
-