Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.web.configurers
Class JeeConfigurer<H extends HttpSecurityBuilder<H>>

java.lang.Object
  extended by org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
      extended by org.springframework.security.config.annotation.web.configurers.JeeConfigurer<H>
All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,H>
public final class JeeConfigurer<H extends HttpSecurityBuilder<H>>
extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>

Adds support for J2EE pre authentication.

Security Filters

The following Filters are populated

Shared Objects Created

Shared Objects Used

The following shared objects are used:

Since:
3.2

Constructor Summary
JeeConfigurer()
          Creates a new instance
 
Method Summary
 JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
          Specifies the AuthenticationUserDetailsService that is used with the PreAuthenticatedAuthenticationProvider.
 void configure(H http)
          Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
 B disable()
          Disables the AbstractHttpConfigurer by removing it.
 void init(H http)
          Populates a PreAuthenticatedAuthenticationProvider into HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider) and a Http403ForbiddenEntryPoint into HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)
 JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
          Allows specifying the J2eePreAuthenticatedProcessingFilter to use.
 JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
          Specifies roles to use map from the HttpServletRequest to the UserDetails.
 JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
          Specifies roles to use map from the HttpServletRequest to the UserDetails.
 JeeConfigurer<H> mappableRoles(String... mappableRoles)
          Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_".
 T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
           
 
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JeeConfigurer

public JeeConfigurer()
Creates a new instance

See Also:
HttpSecurity.jee()
Method Detail

mappableAuthorities

public JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
Specifies roles to use map from the HttpServletRequest to the UserDetails. If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This method is the equivalent of invoking mappableAuthorities(Set). Multiple invocations of mappableAuthorities(String...) will override previous invocations.

There are no default roles that are mapped.

Parameters:
mappableRoles - the roles to attempt to map to the UserDetails (i.e. "ROLE_USER", "ROLE_ADMIN", etc).
Returns:
the JeeConfigurer for further customizations
See Also:
SimpleMappableAttributesRetriever, mappableRoles(String...)

mappableRoles

public JeeConfigurer<H> mappableRoles(String... mappableRoles)
Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_". If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This method is the equivalent of invoking mappableAuthorities(Set). Multiple invocations of mappableRoles(String...) will override previous invocations.

There are no default roles that are mapped.

Parameters:
mappableRoles - the roles to attempt to map to the UserDetails (i.e. "USER", "ADMIN", etc).
Returns:
the JeeConfigurer for further customizations
See Also:
SimpleMappableAttributesRetriever, mappableAuthorities(String...)

mappableAuthorities

public JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
Specifies roles to use map from the HttpServletRequest to the UserDetails. If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This is the equivalent of mappableRoles(String...). Multiple invocations of mappableAuthorities(Set) will override previous invocations.

There are no default roles that are mapped.

Parameters:
mappableRoles - the roles to attempt to map to the UserDetails.
Returns:
the JeeConfigurer for further customizations
See Also:
SimpleMappableAttributesRetriever

authenticatedUserDetailsService

public JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies the AuthenticationUserDetailsService that is used with the PreAuthenticatedAuthenticationProvider. The default is a PreAuthenticatedGrantedAuthoritiesUserDetailsService.

Parameters:
authenticatedUserDetailsService - the AuthenticationUserDetailsService to use.
Returns:
the JeeConfigurer for further configuration

j2eePreAuthenticatedProcessingFilter

public JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying the J2eePreAuthenticatedProcessingFilter to use. If J2eePreAuthenticatedProcessingFilter is provided, all of its attributes must also be configured manually (i.e. all attributes populated in the JeeConfigurer are not used).

Parameters:
j2eePreAuthenticatedProcessingFilter - the J2eePreAuthenticatedProcessingFilter to use.
Returns:
the JeeConfigurer for further configuration

init

public void init(H http)
          throws Exception
Populates a PreAuthenticatedAuthenticationProvider into HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider) and a Http403ForbiddenEntryPoint into HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)

Specified by:
init in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Overrides:
init in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Throws:
Exception
See Also:
SecurityConfigurerAdapter.init(org.springframework.security.config.annotation.SecurityBuilder)

configure

public void configure(H http)
               throws Exception
Description copied from interface: SecurityConfigurer
Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:
configure in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Overrides:
configure in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Throws:
Exception

disable

public B disable()
Disables the AbstractHttpConfigurer by removing it. After doing so a fresh version of the configuration can be applied.

Returns:
the HttpSecurityBuilder for additional customizations

withObjectPostProcessor

public T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD