|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B> org.springframework.security.config.annotation.web.configurers.JeeConfigurer<H>
public final class JeeConfigurer<H extends HttpSecurityBuilder<H>>
Adds support for J2EE pre authentication.
AuthenticationEntryPoint
is populated with an Http403ForbiddenEntryPoint
PreAuthenticatedAuthenticationProvider
is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
Constructor Summary | |
---|---|
JeeConfigurer()
Creates a new instance |
Method Summary | |
---|---|
JeeConfigurer<H> |
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies the AuthenticationUserDetailsService that is used with
the PreAuthenticatedAuthenticationProvider . |
void |
configure(H http)
Configure the SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
B |
disable()
Disables the AbstractHttpConfigurer by removing it. |
void |
init(H http)
Populates a PreAuthenticatedAuthenticationProvider into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) |
JeeConfigurer<H> |
j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying the J2eePreAuthenticatedProcessingFilter to
use. |
JeeConfigurer<H> |
mappableAuthorities(Set<String> mappableRoles)
Specifies roles to use map from the HttpServletRequest to the
UserDetails . |
JeeConfigurer<H> |
mappableAuthorities(String... mappableRoles)
Specifies roles to use map from the HttpServletRequest to the
UserDetails . |
JeeConfigurer<H> |
mappableRoles(String... mappableRoles)
Specifies roles to use map from the HttpServletRequest to the
UserDetails and automatically prefixes it with "ROLE_". |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter |
---|
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public JeeConfigurer()
HttpSecurity.jee()
Method Detail |
---|
public JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
HttpServletRequest
to the
UserDetails
. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails
. This method
is the equivalent of invoking mappableAuthorities(Set)
. Multiple
invocations of mappableAuthorities(String...)
will override previous
invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
(i.e.
"ROLE_USER", "ROLE_ADMIN", etc).
JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
,
mappableRoles(String...)
public JeeConfigurer<H> mappableRoles(String... mappableRoles)
HttpServletRequest
to the
UserDetails
and automatically prefixes it with "ROLE_". If
HttpServletRequest.isUserInRole(String)
returns true, the role is
added to the UserDetails
. This method is the equivalent of
invoking mappableAuthorities(Set)
. Multiple invocations of
mappableRoles(String...)
will override previous invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
(i.e.
"USER", "ADMIN", etc).
JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
,
mappableAuthorities(String...)
public JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
HttpServletRequest
to the
UserDetails
. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails
. This is the
equivalent of mappableRoles(String...)
. Multiple invocations of
mappableAuthorities(Set)
will override previous invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
.
JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
public JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
AuthenticationUserDetailsService
that is used with
the PreAuthenticatedAuthenticationProvider
. The default is a
PreAuthenticatedGrantedAuthoritiesUserDetailsService
.
authenticatedUserDetailsService
- the AuthenticationUserDetailsService
to use.
JeeConfigurer
for further configurationpublic JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
J2eePreAuthenticatedProcessingFilter
to
use. If J2eePreAuthenticatedProcessingFilter
is provided, all of its attributes must also be
configured manually (i.e. all attributes populated in the JeeConfigurer
are not used).
j2eePreAuthenticatedProcessingFilter
- the J2eePreAuthenticatedProcessingFilter
to use.
JeeConfigurer
for further configurationpublic void init(H http) throws Exception
PreAuthenticatedAuthenticationProvider
into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint
into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)
init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
SecurityConfigurerAdapter.init(org.springframework.security.config.annotation.SecurityBuilder)
public void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.
configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.
HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |