Package org.springframework.security.config.annotation.web

Interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>

  • Type Parameters:
    H -
    All Superinterfaces:
    SecurityBuilder<org.springframework.security.web.DefaultSecurityFilterChain>
    All Known Implementing Classes:
    HttpSecurity
    public interface HttpSecurityBuilder<H extends HttpSecurityBuilder<H>>
extends SecurityBuilder<org.springframework.security.web.DefaultSecurityFilterChain>

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      H addFilter​(javax.servlet.Filter filter)
      Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework.
      H addFilterAfter​(javax.servlet.Filter filter, java.lang.Class<? extends javax.servlet.Filter> afterFilter)
      Allows adding a Filter after one of the known Filter classes.
      H addFilterBefore​(javax.servlet.Filter filter, java.lang.Class<? extends javax.servlet.Filter> beforeFilter)
      Allows adding a Filter before one of the known Filter classes.
      H authenticationProvider​(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
      Allows adding an additional AuthenticationProvider to be used
      <C extends SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,​H>>
      C      		 getConfigurer​(java.lang.Class<C> clazz)
      Gets the SecurityConfigurer by its class name or null if not found.
      <C> C getSharedObject​(java.lang.Class<C> sharedType)
      Gets a shared Object.
      <C extends SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,​H>>
      C      		 removeConfigurer​(java.lang.Class<C> clazz)
      Removes the SecurityConfigurer by its class name or null if not found.
      <C> void setSharedObject​(java.lang.Class<C> sharedType, C object)
      Sets an object that is shared by multiple SecurityConfigurer.
      H userDetailsService​(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
      Allows adding an additional UserDetailsService to be used

    • Method Detail

      • getConfigurer

        <C extends SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,​H>> C getConfigurer​(java.lang.Class<C> clazz)
        Gets the SecurityConfigurer by its class name or null if not found. Note that object hierarchies are not considered.
        Parameters:
        clazz - the Class of the SecurityConfigurer to attempt to get.

      • removeConfigurer

        <C extends SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,​H>> C removeConfigurer​(java.lang.Class<C> clazz)
        Removes the SecurityConfigurer by its class name or null if not found. Note that object hierarchies are not considered.
        Parameters:
        clazz - the Class of the SecurityConfigurer to attempt to remove.
        Returns:
        the SecurityConfigurer that was removed or null if not found

      • setSharedObject

        <C> void setSharedObject​(java.lang.Class<C> sharedType,
                         C object)
        Sets an object that is shared by multiple SecurityConfigurer.
        Parameters:
        sharedType - the Class to key the shared object by.
        object - the Object to store

      • getSharedObject

        <C> C getSharedObject​(java.lang.Class<C> sharedType)
        Gets a shared Object. Note that object heirarchies are not considered.
        Parameters:
        sharedType - the type of the shared Object
        Returns:
        the shared Object or null if it is not found

      • authenticationProvider

        H authenticationProvider​(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
        Allows adding an additional AuthenticationProvider to be used
        Parameters:
        authenticationProvider - the AuthenticationProvider to be added
        Returns:
        the HttpSecurity for further customizations

      • userDetailsService

        H userDetailsService​(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
              throws java.lang.Exception
        Allows adding an additional UserDetailsService to be used
        Parameters:
        userDetailsService - the UserDetailsService to be added
        Returns:
        the HttpSecurity for further customizations
        Throws:
        java.lang.Exception

      • addFilterAfter

        H addFilterAfter​(javax.servlet.Filter filter,
                 java.lang.Class<? extends javax.servlet.Filter> afterFilter)
        Allows adding a Filter after one of the known Filter classes. The known Filter instances are either a Filter listed in addFilter(Filter) or a Filter that has already been added using addFilterAfter(Filter, Class) or addFilterBefore(Filter, Class).
        Parameters:
        filter - the Filter to register after the type afterFilter
        afterFilter - the Class of the known Filter.
        Returns:
        the HttpSecurity for further customizations

      • addFilterBefore

        H addFilterBefore​(javax.servlet.Filter filter,
                  java.lang.Class<? extends javax.servlet.Filter> beforeFilter)
        Allows adding a Filter before one of the known Filter classes. The known Filter instances are either a Filter listed in addFilter(Filter) or a Filter that has already been added using addFilterAfter(Filter, Class) or addFilterBefore(Filter, Class).
        Parameters:
        filter - the Filter to register before the type beforeFilter
        beforeFilter - the Class of the known Filter.
        Returns:
        the HttpSecurity for further customizations

      • addFilter

        H addFilter​(javax.servlet.Filter filter)
        Adds a Filter that must be an instance of or extend one of the Filters provided within the Security framework. The method ensures that the ordering of the Filters is automatically taken care of. The ordering of the Filters is:
        • DisableEncodeUrlFilter
        • ForceEagerSessionCreationFilter
        • ChannelProcessingFilter
        • WebAsyncManagerIntegrationFilter
        • SecurityContextHolderFilter
        • SecurityContextPersistenceFilter
        • HeaderWriterFilter
        • CorsFilter
        • CsrfFilter
        • LogoutFilter
        • OAuth2AuthorizationRequestRedirectFilter
        • Saml2WebSsoAuthenticationRequestFilter
        • X509AuthenticationFilter
        • AbstractPreAuthenticatedProcessingFilter
        • CasAuthenticationFilter
        • OAuth2LoginAuthenticationFilter
        • Saml2WebSsoAuthenticationFilter
        • UsernamePasswordAuthenticationFilter
        • OpenIDAuthenticationFilter
        • DefaultLoginPageGeneratingFilter
        • DefaultLogoutPageGeneratingFilter
        • ConcurrentSessionFilter
        • DigestAuthenticationFilter
        • BearerTokenAuthenticationFilter
        • BasicAuthenticationFilter
        • RequestCacheAwareFilter
        • SecurityContextHolderAwareRequestFilter
        • JaasApiIntegrationFilter
        • RememberMeAuthenticationFilter
        • AnonymousAuthenticationFilter
        • OAuth2AuthorizationCodeGrantFilter
        • SessionManagementFilter
        • ExceptionTranslationFilter
        • FilterSecurityInterceptor
        • AuthorizationFilter
        • SwitchUserFilter
        Parameters:
        filter - the Filter to add
        Returns:
        the HttpSecurity for further customizations