public class MessageSecurityMetadataSourceRegistry.Constraint extends Object
MessageMatcher instances.| Modifier and Type | Method and Description |
|---|---|
MessageSecurityMetadataSourceRegistry |
access(String attribute)
Allows specifying that Messages are secured by an arbitrary expression
|
MessageSecurityMetadataSourceRegistry |
anonymous()
Specify that Messages are allowed by anonymous users.
|
MessageSecurityMetadataSourceRegistry |
authenticated()
Specify that Messages are allowed by any authenticated user.
|
MessageSecurityMetadataSourceRegistry |
denyAll()
Specify that Messages are not allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not "remembered".
|
MessageSecurityMetadataSourceRegistry |
hasAnyAuthority(String... authorities)
Specify that
Message instances requires any of a number authorities. |
MessageSecurityMetadataSourceRegistry |
hasAnyRole(String... roles)
Shortcut for specifying
Message instances require any of a number of roles. |
MessageSecurityMetadataSourceRegistry |
hasAuthority(String authority)
Specify that
Message instances require a particular authority. |
MessageSecurityMetadataSourceRegistry |
hasRole(String role)
Shortcut for specifying
Message instances require a particular role. |
MessageSecurityMetadataSourceRegistry |
permitAll()
Specify that Messages are allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
rememberMe()
Specify that Messages are allowed by users that have been remembered.
|
public MessageSecurityMetadataSourceRegistry hasRole(String role)
Message instances require a particular role. If you do not want to have "ROLE_" automatically
inserted see hasAuthority(String).role - the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as
this is automatically inserted.MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry hasAnyRole(String... roles)
Message instances require any of a number of roles. If you
do not want to have "ROLE_" automatically inserted see
hasAnyAuthority(String...)roles - the roles to require (i.e. USER, ADMIN, etc). Note, it
should not start with "ROLE_" as this is automatically
inserted.MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAuthority(String authority)
Message instances require a particular authority.authority - the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry hasAnyAuthority(String... authorities)
Message instances requires any of a number authorities.authorities - the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would
mean either "ROLE_USER" or "ROLE_ADMIN" is required).MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry permitAll()
MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry anonymous()
MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry rememberMe()
MessageSecurityMetadataSourceRegistry for further customizationRememberMeConfigurer}public MessageSecurityMetadataSourceRegistry denyAll()
MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry authenticated()
MessageSecurityMetadataSourceRegistry for further customizationpublic MessageSecurityMetadataSourceRegistry fullyAuthenticated()
MessageSecurityMetadataSourceRegistry for further customizationRememberMeConfigurer}public MessageSecurityMetadataSourceRegistry access(String attribute)
attribute - the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")MessageSecurityMetadataSourceRegistry for further customization