public final class AnonymousConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
Authentication that
represents an anonymous user instead of having a null value) for an
HttpSecurity. Specifically this will configure an
AnonymousAuthenticationFilter and an AnonymousAuthenticationProvider.
All properties have reasonable defaults, so no additional configuration is required
other than applying this SecurityConfigurer.| Constructor and Description |
|---|
AnonymousConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
AnonymousConfigurer<H> |
authenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter authenticationFilter)
Sets the
AnonymousAuthenticationFilter used to populate an anonymous user. |
AnonymousConfigurer<H> |
authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
Sets the
AuthenticationProvider used to validate an anonymous user. |
AnonymousConfigurer<H> |
authorities(List<org.springframework.security.core.GrantedAuthority> authorities)
Sets the
Authentication.getAuthorities()
for anonymous users |
AnonymousConfigurer<H> |
authorities(String... authorities)
Sets the
Authentication.getAuthorities()
for anonymous users |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties on the
SecurityBuilder. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the
SecurityBuilder. |
AnonymousConfigurer<H> |
key(String key)
Sets the key to identify tokens created for anonymous authentication.
|
AnonymousConfigurer<H> |
principal(Object principal)
Sets the principal for
Authentication objects of anonymous users |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilderpublic AnonymousConfigurer()
HttpSecurity.anonymous()public AnonymousConfigurer<H> key(String key)
key - the key to identify tokens created for anonymous authentication. Default
is a secure randomly generated key.AnonymousConfigurer for further customization of anonymous
authenticationpublic AnonymousConfigurer<H> principal(Object principal)
Authentication objects of anonymous usersprincipal - used for the Authentication object of anonymous usersAnonymousConfigurer for further customization of anonymous
authenticationpublic AnonymousConfigurer<H> authorities(List<org.springframework.security.core.GrantedAuthority> authorities)
Authentication.getAuthorities()
for anonymous usersauthorities - Sets the
Authentication.getAuthorities() for
anonymous usersAnonymousConfigurer for further customization of anonymous
authenticationpublic AnonymousConfigurer<H> authorities(String... authorities)
Authentication.getAuthorities()
for anonymous usersauthorities - Sets the
Authentication.getAuthorities() for
anonymous users (i.e. "ROLE_ANONYMOUS")AnonymousConfigurer for further customization of anonymous
authenticationpublic AnonymousConfigurer<H> authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
AuthenticationProvider used to validate an anonymous user. If this
is set, no attributes on the AnonymousConfigurer will be set on the
AuthenticationProvider.authenticationProvider - the AuthenticationProvider used to validate
an anonymous user. Default is AnonymousAuthenticationProviderAnonymousConfigurer for further customization of anonymous
authenticationpublic AnonymousConfigurer<H> authenticationFilter(org.springframework.security.web.authentication.AnonymousAuthenticationFilter authenticationFilter)
AnonymousAuthenticationFilter used to populate an anonymous user.
If this is set, no attributes on the AnonymousConfigurer will be set on the
AnonymousAuthenticationFilter.authenticationFilter - the AnonymousAuthenticationFilter used to
populate an anonymous user.AnonymousConfigurer for further customization of anonymous
authenticationpublic void init(H http) throws Exception
SecurityConfigurerSecurityBuilder. Here only shared state should be created
and modified, but not properties on the SecurityBuilder used for building
the object. This ensures that the SecurityConfigurer.configure(SecurityBuilder) method uses
the correct shared objects when building.init in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>init in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties on the
SecurityBuilder.configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing so a fresh
version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)