@startuml spring-security-ExpressionUrlAuthorizationConfigurer skinparam Shadowing false skinparam class { BackgroundColor White } hide empty members class ExpressionUrlAuthorizationConfigurer> { - ExpressionInterceptUrlRegistry REGISTRY - SecurityExpressionHandler expressionHandler - void interceptUrl(Iterable matcher, Collection attributes) } class ExpressionInterceptUrlRegistry { + ExpressionInterceptUrlRegistry expressionHandler(SecurityExxpressionHandler handler) + ExpressionInterceptUrlRegistry withObjectPostProcessor(ObjectPostProcessor processor) + H and() } class MvcMatchersAuthorizedUrl { - MvcMatchersAuthorizeUrl(List requestMatchers) + AuthorizedUrl servletPath(String path) } class AuthorizedUrl { - List requestMatchers - boolean not + AuthorizedUrl not() + ExpressionInterceptUrlRegistry hasRole(String role) + ExpressionInterceptUrlRegistry hasAnyRole(String... roles) + ExpressionInterceptUrlRegistry hasAuthority(String authority) + ExpressionInterceptUrlRegistry hasAnyAuthority(String... suthorities) + ExpressionInterceptUrlRegistry hasIpAddress(String ipAddress) + ExpressionInterceptUrlRegistry permitAll() + ExpressionInterceptUrlRegistry anonymous() + ExpressionInterceptUrlRegistry rememberMe() + ExpressionInterceptUrlRegistry denyAll() + ExpressionInterceptUrlRegistry authenticated() + ExpressionInterceptUrlRegistry fullyAuthenticated() + ExpressionInterceptUrlRegistry access(String attribute) } abstract AbstractInterceptUrlConfigurer { - Boolean filterSecurityInterceptorOncePerRequest - AccessDecisionManager accessDecisionManager +{abstract} FilterInvocationSecurityMetadataSource createMetadataSource(H http) } abstract AbstractInterceptUrlRegistry, T> { + R accessDecisionManager(AccessDecisionManager manager) + R filterSecurityInterceptorOncePerRequest(boolean filter) } interface RequestMatcher { + boolean matches(HttpServletRequest request) + MatchResult matcher(HttpServletRequest request) } interface AccessDecisionManager { + void decide(Authentication authentication, Object object, Collection attributes) + boolean supports(ConfigAttribute attribute) + boolean supports(Class clazz) } abstract AbstractConfigAttributeRequestMatcherRegistry { - List urlMappings - List unmappedMatcher + void addMapping(UrlMapping mapping) #{abstract} C chainRequestMatchersInternal(List matchers) + void addMapping(int index, UrlMapping mapping) } abstract AbstractRequestMatcherRegistry { -{static} RequestMatcher ANY_REQUEST - ApplicationContext context - boolean anyRequestConfigured + C anyRequest() + C antMatchers(HttpMethod method) + C antMetchers(HttpMethod method, String... pattern) + C antMatchers(String... pattern) +{abstract} C mvcMatchers(String... pattern) +{abstract} C mvcMatchers(HttpMethod method, String... pattern) + C regexMatchers(HttpMethod method, String... pattern) + C regexMatchers(String... pattern) + C dispatcherTypeMatchers(HttpMethod method, DispatcherType... types) + C dispatcherTypeMatchers(DispatcherType... types) } ExpressionUrlAuthorizationConfigurer +-- ExpressionInterceptUrlRegistry MvcMatchersAuthorizedUrl -+ ExpressionUrlAuthorizationConfigurer ExpressionUrlAuthorizationConfigurer +-- AuthorizedUrl AuthorizedUrl <|- MvcMatchersAuthorizedUrl ExpressionInterceptUrlRegistry --|> AbstractInterceptUrlRegistry AbstractInterceptUrlRegistry ---+ AbstractInterceptUrlConfigurer AuthorizedUrl *-- RequestMatcher AbstractInterceptUrlRegistry *- AccessDecisionManager AccessDecisionManager -* AbstractInterceptUrlConfigurer AbstractInterceptUrlRegistry --|> AbstractConfigAttributeRequestMatcherRegistry AbstractConfigAttributeRequestMatcherRegistry --|> AbstractRequestMatcherRegistry @enduml