public final class AnonymousConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
Authentication that represents an anonymous user
instead of having a null value) for an HttpSecurity. Specifically this will configure an
AnonymousAuthenticationFilter and an AnonymousAuthenticationProvider. All properties have reasonable
defaults, so no additional configuration is required other than applying this SecurityConfigurer.| Constructor and Description |
|---|
AnonymousConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
AnonymousConfigurer<H> |
authenticationFilter(AnonymousAuthenticationFilter authenticationFilter)
Sets the
AnonymousAuthenticationFilter used to populate an anonymous user. |
AnonymousConfigurer<H> |
authenticationProvider(AuthenticationProvider authenticationProvider)
Sets the
AuthenticationProvider used to validate an anonymous user. |
AnonymousConfigurer<H> |
authorities(List<GrantedAuthority> authorities)
Sets the
Authentication.getAuthorities() for anonymous users |
AnonymousConfigurer<H> |
authorities(String... authorities)
Sets the
Authentication.getAuthorities() for anonymous users |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the
SecurityBuilder. |
AnonymousConfigurer<H> |
key(String key)
Sets the key to identify tokens created for anonymous authentication.
|
AnonymousConfigurer<H> |
principal(Object principal)
Sets the principal for
Authentication objects of anonymous users |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilderpublic AnonymousConfigurer()
HttpSecurity.anonymous()public AnonymousConfigurer<H> key(String key)
key - the key to identify tokens created for anonymous authentication. Default is a secure randomly generated
key.AnonymousConfigurer for further customization of anonymous authenticationpublic AnonymousConfigurer<H> principal(Object principal)
Authentication objects of anonymous usersprincipal - used for the Authentication object of anonymous usersAnonymousConfigurer for further customization of anonymous authenticationpublic AnonymousConfigurer<H> authorities(List<GrantedAuthority> authorities)
Authentication.getAuthorities() for anonymous usersauthorities - Sets the Authentication.getAuthorities() for anonymous usersAnonymousConfigurer for further customization of anonymous authenticationpublic AnonymousConfigurer<H> authorities(String... authorities)
Authentication.getAuthorities() for anonymous usersauthorities - Sets the Authentication.getAuthorities() for
anonymous users (i.e. "ROLE_ANONYMOUS")AnonymousConfigurer for further customization of anonymous authenticationpublic AnonymousConfigurer<H> authenticationProvider(AuthenticationProvider authenticationProvider)
AuthenticationProvider used to validate an anonymous user. If this is set, no attributes
on the AnonymousConfigurer will be set on the AuthenticationProvider.authenticationProvider - the AuthenticationProvider used to validate an anonymous user. Default is
AnonymousAuthenticationProviderAnonymousConfigurer for further customization of anonymous authenticationpublic AnonymousConfigurer<H> authenticationFilter(AnonymousAuthenticationFilter authenticationFilter)
AnonymousAuthenticationFilter used to populate an anonymous user. If this is set, no attributes
on the AnonymousConfigurer will be set on the AnonymousAuthenticationFilter.authenticationFilter - the AnonymousAuthenticationFilter used to populate an anonymous user.AnonymousConfigurer for further customization of anonymous authenticationpublic void init(H http) throws Exception
SecurityConfigurerSecurityBuilder. Here only shared state should be
created and modified, but not properties on the SecurityBuilder
used for building the object. This ensures that the
SecurityConfigurer.configure(SecurityBuilder) method uses the correct shared
objects when building.init in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>init in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties
on the SecurityBuilder.configure in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)