Package org.springframework.security.config.annotation.web.messaging

Class MessageSecurityMetadataSourceRegistry.Constraint

java.lang.Object

org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint

Enclosing class:

MessageSecurityMetadataSourceRegistry

public final class MessageSecurityMetadataSourceRegistry.Constraint
extends java.lang.Object

Represents the security constraint to be applied to the MessageMatcher instances.

Method Summary

Modifier and Type	Method	Description
MessageSecurityMetadataSourceRegistry	access(java.lang.String attribute)	Allows specifying that Messages are secured by an arbitrary expression
MessageSecurityMetadataSourceRegistry	anonymous()	Specify that Messages are allowed by anonymous users.
MessageSecurityMetadataSourceRegistry	authenticated()	Specify that Messages are allowed by any authenticated user.
MessageSecurityMetadataSourceRegistry	denyAll()	Specify that Messages are not allowed by anyone.
MessageSecurityMetadataSourceRegistry	fullyAuthenticated()	Specify that Messages are allowed by users who have authenticated and were not "remembered".
MessageSecurityMetadataSourceRegistry	hasAnyAuthority(java.lang.String... authorities)	Specify that Message instances requires any of a number authorities.
MessageSecurityMetadataSourceRegistry	hasAnyRole(java.lang.String... roles)	Shortcut for specifying Message instances require any of a number of roles.
MessageSecurityMetadataSourceRegistry	hasAuthority(java.lang.String authority)	Specify that Message instances require a particular authority.
MessageSecurityMetadataSourceRegistry	hasRole(java.lang.String role)	Shortcut for specifying Message instances require a particular role.
MessageSecurityMetadataSourceRegistry	permitAll()	Specify that Messages are allowed by anyone.
MessageSecurityMetadataSourceRegistry	rememberMe()	Specify that Messages are allowed by users that have been remembered.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

hasRole

public MessageSecurityMetadataSourceRegistry hasRole(java.lang.String role)

Shortcut for specifying Message instances require a particular role. If you do not want to have "ROLE_" automatically inserted see hasAuthority(String).

Parameters:

role - the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

hasAnyRole

public MessageSecurityMetadataSourceRegistry hasAnyRole(java.lang.String... roles)

Shortcut for specifying Message instances require any of a number of roles. If you do not want to have "ROLE_" automatically inserted see hasAnyAuthority(String...)

Parameters:

roles - the roles to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

hasAuthority

public MessageSecurityMetadataSourceRegistry hasAuthority(java.lang.String authority)

Specify that Message instances require a particular authority.

Parameters:

authority - the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

hasAnyAuthority

public MessageSecurityMetadataSourceRegistry hasAnyAuthority(java.lang.String... authorities)

Specify that Message instances requires any of a number authorities.

Parameters:

authorities - the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is required).

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

permitAll

public MessageSecurityMetadataSourceRegistry permitAll()

Specify that Messages are allowed by anyone.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

anonymous

public MessageSecurityMetadataSourceRegistry anonymous()

Specify that Messages are allowed by anonymous users.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

rememberMe

public MessageSecurityMetadataSourceRegistry rememberMe()

Specify that Messages are allowed by users that have been remembered.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

See Also:

RememberMeConfigurer

denyAll

public MessageSecurityMetadataSourceRegistry denyAll()

Specify that Messages are not allowed by anyone.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

authenticated

public MessageSecurityMetadataSourceRegistry authenticated()

Specify that Messages are allowed by any authenticated user.

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

fullyAuthenticated

public MessageSecurityMetadataSourceRegistry fullyAuthenticated()

Specify that Messages are allowed by users who have authenticated and were not "remembered".

Returns:

the MessageSecurityMetadataSourceRegistry for further customization

See Also:

RememberMeConfigurer

access

public MessageSecurityMetadataSourceRegistry access(java.lang.String attribute)

Allows specifying that Messages are secured by an arbitrary expression

Parameters:

attribute - the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")

Returns:

the MessageSecurityMetadataSourceRegistry for further customization