/** * Adds an {@link ObjectPostProcessor} for this class. * * @param objectPostProcessor * @return the {@link UrlAuthorizationConfigurer} for further customizations */ public UrlAuthorizationConfigurer<H> withObjectPostProcessor( ObjectPostProcessor<?> objectPostProcessor) { addObjectPostProcessor(objectPostProcessor); return this; }
@Override public void configure(HttpSecurity http) throws Exception { // @formatter:off http .apply(new UrlAuthorizationConfigurer<>(null)).getRegistry() .anyRequest().anonymous(); // @formatter:on } }
/** * Creates the {@link FilterInvocationSecurityMetadataSource} to use. The * implementation is a {@link DefaultFilterInvocationSecurityMetadataSource} * . */ @Override FilterInvocationSecurityMetadataSource createMetadataSource() { return new DefaultFilterInvocationSecurityMetadataSource(createRequestMap()); }
/** * Adds a mapping of the {@link RequestMatcher} instances to the {@link ConfigAttribute} instances. * @param requestMatchers the {@link RequestMatcher} instances that should map to the provided {@link ConfigAttribute} instances * @param configAttributes the {@link ConfigAttribute} instances that should be mapped by the {@link RequestMatcher} instances * @return the {@link UrlAuthorizationConfigurer} for further customizations */ private UrlAuthorizationConfigurer<H,C> addMapping(Iterable<? extends RequestMatcher> requestMatchers, Collection<ConfigAttribute> configAttributes) { for(RequestMatcher requestMatcher : requestMatchers) { addMapping(new UrlMapping(requestMatcher, configAttributes)); } return this; }
/** * Adds an {@link ObjectPostProcessor} for this class. * * @param objectPostProcessor * @return the {@link UrlAuthorizationConfigurer} for further customizations */ public UrlAuthorizationConfigurer<H> withObjectPostProcessor( ObjectPostProcessor<?> objectPostProcessor) { addObjectPostProcessor(objectPostProcessor); return this; }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http .httpBasic().and() .apply(new UrlAuthorizationConfigurer(getApplicationContext())).getRegistry() .mvcMatchers("/path").hasRole("ADMIN"); // @formatter:on }
/** * Adds an {@link ObjectPostProcessor} for this class. * * @param objectPostProcessor * @return the {@link UrlAuthorizationConfigurer} for further customizations */ public UrlAuthorizationConfigurer<H> withObjectPostProcessor( ObjectPostProcessor<?> objectPostProcessor) { addObjectPostProcessor(objectPostProcessor); return this; }
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http .httpBasic().and() .apply(new UrlAuthorizationConfigurer(getApplicationContext())).getRegistry() .mvcMatchers("/path").servletPath("/spring").hasRole("ADMIN"); // @formatter:on }
@Override protected void configure(HttpSecurity http) throws Exception { http .apply(new UrlAuthorizationConfigurer<>(getApplicationContext())).getRegistry() .antMatchers("/users**", "/sessions/**").hasRole("USER") .antMatchers("/signup").hasRole("ANONYMOUS") .anyRequest().hasRole("USER"); }