Class MessageSecurityMetadataSourceRegistry.Constraint
java.lang.Object
org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry.Constraint
- Enclosing class:
- MessageSecurityMetadataSourceRegistry
Represents the security constraint to be applied to the
MessageMatcher
instances.-
Method Summary
Modifier and TypeMethodDescriptionAllows specifying that Messages are secured by an arbitrary expressionSpecify that Messages are allowed by anonymous users.Specify that Messages are allowed by any authenticated user.denyAll()Specify that Messages are not allowed by anyone.Specify that Messages are allowed by users who have authenticated and were not "remembered".hasAnyAuthority(String... authorities) Specify thatMessageinstances requires any of a number authorities.hasAnyRole(String... roles) Shortcut for specifyingMessageinstances require any of a number of roles.hasAuthority(String authority) Specify thatMessageinstances require a particular authority.Shortcut for specifyingMessageinstances require a particular role.Specify that Messages are allowed by anyone.Specify that Messages are allowed by users that have been remembered.
-
Method Details
-
hasRole
Shortcut for specifyingMessageinstances require a particular role. If you do not want to have "ROLE_" automatically inserted seehasAuthority(String).- Parameters:
role- the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
hasAnyRole
Shortcut for specifyingMessageinstances require any of a number of roles. If you do not want to have "ROLE_" automatically inserted seehasAnyAuthority(String...)- Parameters:
roles- the roles to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as this is automatically inserted.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
hasAuthority
Specify thatMessageinstances require a particular authority.- Parameters:
authority- the authority to require (i.e. ROLE_USER, ROLE_ADMIN, etc).- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
hasAnyAuthority
Specify thatMessageinstances requires any of a number authorities.- Parameters:
authorities- the requests require at least one of the authorities (i.e. "ROLE_USER","ROLE_ADMIN" would mean either "ROLE_USER" or "ROLE_ADMIN" is required).- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
permitAll
Specify that Messages are allowed by anyone.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
anonymous
Specify that Messages are allowed by anonymous users.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
rememberMe
Specify that Messages are allowed by users that have been remembered.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization - See Also:
-
denyAll
Specify that Messages are not allowed by anyone.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
authenticated
Specify that Messages are allowed by any authenticated user.- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-
fullyAuthenticated
Specify that Messages are allowed by users who have authenticated and were not "remembered".- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization - See Also:
-
access
Allows specifying that Messages are secured by an arbitrary expression- Parameters:
attribute- the expression to secure the URLs (i.e. "hasRole('ROLE_USER') and hasRole('ROLE_SUPER')")- Returns:
- the
MessageSecurityMetadataSourceRegistryfor further customization
-