public class MessageSecurityMetadataSourceRegistry.Constraint extends Object
MessageMatcher
instances.| Modifier and Type | Method and Description |
|---|---|
MessageSecurityMetadataSourceRegistry |
access(String attribute)
Allows specifying that Messages are secured by an arbitrary expression
|
MessageSecurityMetadataSourceRegistry |
anonymous()
Specify that Messages are allowed by anonymous users.
|
MessageSecurityMetadataSourceRegistry |
authenticated()
Specify that Messages are allowed by any authenticated user.
|
MessageSecurityMetadataSourceRegistry |
denyAll()
Specify that Messages are not allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
fullyAuthenticated()
Specify that Messages are allowed by users who have authenticated and were not
"remembered".
|
MessageSecurityMetadataSourceRegistry |
hasAnyAuthority(String... authorities)
Specify that
Message instances requires any of a number authorities. |
MessageSecurityMetadataSourceRegistry |
hasAnyRole(String... roles)
Shortcut for specifying
Message instances require any of a number of
roles. |
MessageSecurityMetadataSourceRegistry |
hasAuthority(String authority)
Specify that
Message instances require a particular authority. |
MessageSecurityMetadataSourceRegistry |
hasRole(String role)
Shortcut for specifying
Message instances require a particular role. |
MessageSecurityMetadataSourceRegistry |
permitAll()
Specify that Messages are allowed by anyone.
|
MessageSecurityMetadataSourceRegistry |
rememberMe()
Specify that Messages are allowed by users that have been remembered.
|
public MessageSecurityMetadataSourceRegistry hasRole(String role)
Message instances require a particular role. If
you do not want to have "ROLE_" automatically inserted see
hasAuthority(String).role - the role to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyRole(String... roles)
Message instances require any of a number of
roles. If you do not want to have "ROLE_" automatically inserted see
hasAnyAuthority(String...)roles - the roles to require (i.e. USER, ADMIN, etc). Note, it should not
start with "ROLE_" as this is automatically inserted.MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAuthority(String authority)
Message instances require a particular authority.authority - the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry hasAnyAuthority(String... authorities)
Message instances requires any of a number authorities.authorities - the requests require at least one of the authorities (i.e.
"ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is
required).MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry permitAll()
MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry anonymous()
MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry rememberMe()
MessageSecurityMetadataSourceRegistry for further
customizationRememberMeConfigurerpublic MessageSecurityMetadataSourceRegistry denyAll()
MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry authenticated()
MessageSecurityMetadataSourceRegistry for further
customizationpublic MessageSecurityMetadataSourceRegistry fullyAuthenticated()
MessageSecurityMetadataSourceRegistry for further
customizationRememberMeConfigurerpublic MessageSecurityMetadataSourceRegistry access(String attribute)
attribute - the expression to secure the URLs (i.e.
"hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")MessageSecurityMetadataSourceRegistry for further
customization