100 lines
4.1 KiB
Plaintext
100 lines
4.1 KiB
Plaintext
@startuml spring-security-ExpressionUrlAuthorizationConfigurer
|
|
skinparam Shadowing false
|
|
skinparam class {
|
|
BackgroundColor White
|
|
}
|
|
hide empty members
|
|
|
|
class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>> {
|
|
- ExpressionInterceptUrlRegistry REGISTRY
|
|
- SecurityExpressionHandler<FilterInvocation> expressionHandler
|
|
- void interceptUrl(Iterable<? extends RequestMatcher> matcher, Collection<ConfigAttibute> attributes)
|
|
}
|
|
|
|
class ExpressionInterceptUrlRegistry {
|
|
+ ExpressionInterceptUrlRegistry expressionHandler(SecurityExxpressionHandler<FilterInvocation> handler)
|
|
+ ExpressionInterceptUrlRegistry withObjectPostProcessor(ObjectPostProcessor<?> processor)
|
|
+ H and()
|
|
}
|
|
|
|
class MvcMatchersAuthorizedUrl {
|
|
- MvcMatchersAuthorizeUrl(List<MvcRequestMatcher> requestMatchers)
|
|
+ AuthorizedUrl servletPath(String path)
|
|
}
|
|
|
|
class AuthorizedUrl {
|
|
- List<? extends RequestMatchers> requestMatchers
|
|
- boolean not
|
|
+ AuthorizedUrl not()
|
|
+ ExpressionInterceptUrlRegistry hasRole(String role)
|
|
+ ExpressionInterceptUrlRegistry hasAnyRole(String... roles)
|
|
+ ExpressionInterceptUrlRegistry hasAuthority(String authority)
|
|
+ ExpressionInterceptUrlRegistry hasAnyAuthority(String... suthorities)
|
|
+ ExpressionInterceptUrlRegistry hasIpAddress(String ipAddress)
|
|
+ ExpressionInterceptUrlRegistry permitAll()
|
|
+ ExpressionInterceptUrlRegistry anonymous()
|
|
+ ExpressionInterceptUrlRegistry rememberMe()
|
|
+ ExpressionInterceptUrlRegistry denyAll()
|
|
+ ExpressionInterceptUrlRegistry authenticated()
|
|
+ ExpressionInterceptUrlRegistry fullyAuthenticated()
|
|
+ ExpressionInterceptUrlRegistry access(String attribute)
|
|
}
|
|
|
|
abstract AbstractInterceptUrlConfigurer<C, H> {
|
|
- Boolean filterSecurityInterceptorOncePerRequest
|
|
- AccessDecisionManager accessDecisionManager
|
|
+{abstract} FilterInvocationSecurityMetadataSource createMetadataSource(H http)
|
|
}
|
|
|
|
abstract AbstractInterceptUrlRegistry<R extends AbstractInterceptUrlRegistry<R, T>, T> {
|
|
+ R accessDecisionManager(AccessDecisionManager manager)
|
|
+ R filterSecurityInterceptorOncePerRequest(boolean filter)
|
|
}
|
|
|
|
interface RequestMatcher {
|
|
+ boolean matches(HttpServletRequest request)
|
|
+ MatchResult matcher(HttpServletRequest request)
|
|
}
|
|
|
|
interface AccessDecisionManager {
|
|
+ void decide(Authentication authentication, Object object, Collection<ConfigAttribute> attributes)
|
|
+ boolean supports(ConfigAttribute attribute)
|
|
+ boolean supports(Class<?> clazz)
|
|
}
|
|
|
|
abstract AbstractConfigAttributeRequestMatcherRegistry<C> {
|
|
- List<UrlMapping> urlMappings
|
|
- List<RequestMatcher> unmappedMatcher
|
|
+ void addMapping(UrlMapping mapping)
|
|
#{abstract} C chainRequestMatchersInternal(List<RequestMatcher> matchers)
|
|
+ void addMapping(int index, UrlMapping mapping)
|
|
}
|
|
|
|
abstract AbstractRequestMatcherRegistry<C> {
|
|
-{static} RequestMatcher ANY_REQUEST
|
|
- ApplicationContext context
|
|
- boolean anyRequestConfigured
|
|
+ C anyRequest()
|
|
+ C antMatchers(HttpMethod method)
|
|
+ C antMetchers(HttpMethod method, String... pattern)
|
|
+ C antMatchers(String... pattern)
|
|
+{abstract} C mvcMatchers(String... pattern)
|
|
+{abstract} C mvcMatchers(HttpMethod method, String... pattern)
|
|
+ C regexMatchers(HttpMethod method, String... pattern)
|
|
+ C regexMatchers(String... pattern)
|
|
+ C dispatcherTypeMatchers(HttpMethod method, DispatcherType... types)
|
|
+ C dispatcherTypeMatchers(DispatcherType... types)
|
|
}
|
|
|
|
ExpressionUrlAuthorizationConfigurer +-- ExpressionInterceptUrlRegistry
|
|
MvcMatchersAuthorizedUrl -+ ExpressionUrlAuthorizationConfigurer
|
|
ExpressionUrlAuthorizationConfigurer +-- AuthorizedUrl
|
|
AuthorizedUrl <|- MvcMatchersAuthorizedUrl
|
|
ExpressionInterceptUrlRegistry --|> AbstractInterceptUrlRegistry
|
|
AbstractInterceptUrlRegistry ---+ AbstractInterceptUrlConfigurer
|
|
AuthorizedUrl *-- RequestMatcher
|
|
AbstractInterceptUrlRegistry *- AccessDecisionManager
|
|
AccessDecisionManager -* AbstractInterceptUrlConfigurer
|
|
AbstractInterceptUrlRegistry --|> AbstractConfigAttributeRequestMatcherRegistry
|
|
AbstractConfigAttributeRequestMatcherRegistry --|> AbstractRequestMatcherRegistry
|
|
@enduml |