H - the type of HttpSecurityBuilder that is being configuredpublic final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
RequestMapping needs to be mapped to ConfigAttribute's for
this SecurityContextConfigurer to have meaning.
SecurityConfigurer's to customize:
AuthenticationTrustResolver is optionally used to populate the DefaultWebSecurityExpressionHandlerorg.springframework.security.config.annotation.web.builders.HttpSecurity#authorizeRequests()}| Modifier and Type | Class and Description |
|---|---|
class |
ExpressionUrlAuthorizationConfigurer.AuthorizedUrl |
class |
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry |
| Constructor and Description |
|---|
ExpressionUrlAuthorizationConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry |
getRegistry() |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilderpublic ExpressionUrlAuthorizationConfigurer()
HttpSecurity.authorizeRequests()public ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry getRegistry()
public void configure(H http)
throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties
on the SecurityBuilder.configure in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)