public class LemonSecurityConfig
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
GOOD_ADMIN |
static java.lang.String |
GOOD_USER |
static java.lang.String |
TOKEN_PREFIX |
static java.lang.String |
TOKEN_REQUEST_HEADER_NAME |
static java.lang.String |
TOKEN_RESPONSE_HEADER_NAME |
Constructor and Description |
---|
LemonSecurityConfig() |
Modifier and Type | Method and Description |
---|---|
protected void |
authorizeRequests(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
URL based authorization configuration.
|
protected void |
configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
Needed for configuring JwtAuthenticationProvider
|
protected void |
configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Security configuration, calling protected methods
|
protected void |
cors(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Configures CORS
|
void |
createLemonSecurityConfig(LemonProperties properties,
org.springframework.security.core.userdetails.UserDetailsService userDetailsService,
AuthenticationSuccessHandler authenticationSuccessHandler,
org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler,
LemonOidcUserService oidcUserService,
LemonOAuth2UserService<?,?> oauth2UserService,
OAuth2AuthenticationSuccessHandler<?> oauth2AuthenticationSuccessHandler,
OAuth2AuthenticationFailureHandler oauth2AuthenticationFailureHandler,
JwtAuthenticationProvider<?,?> jwtAuthenticationProvider,
org.springframework.security.crypto.password.PasswordEncoder passwordEncoder) |
protected void |
csrf(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Disables CSRF.
|
protected void |
exceptionHandling(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Configures exception-handling
|
org.springframework.security.authentication.AuthenticationManager |
getAuthenticationManager()
Returns AuthenticationManager, to be used for configuring LemonTokenAuthenticationFilter
|
protected void |
login(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Configuring authentication.
|
protected void |
logout(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Logout related configuration
|
protected void |
otherConfigurations(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Override this to add more http configurations,
such as more authentication methods.
|
protected void |
sessionCreationPolicy(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
Configuring Session creation policy
|
authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean
public static final java.lang.String GOOD_ADMIN
public static final java.lang.String GOOD_USER
public static final java.lang.String TOKEN_PREFIX
public static final java.lang.String TOKEN_REQUEST_HEADER_NAME
public static final java.lang.String TOKEN_RESPONSE_HEADER_NAME
@Autowired public void createLemonSecurityConfig(LemonProperties properties, org.springframework.security.core.userdetails.UserDetailsService userDetailsService, AuthenticationSuccessHandler authenticationSuccessHandler, org.springframework.security.web.authentication.AuthenticationFailureHandler authenticationFailureHandler, LemonOidcUserService oidcUserService, LemonOAuth2UserService<?,?> oauth2UserService, OAuth2AuthenticationSuccessHandler<?> oauth2AuthenticationSuccessHandler, OAuth2AuthenticationFailureHandler oauth2AuthenticationFailureHandler, JwtAuthenticationProvider<?,?> jwtAuthenticationProvider, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder)
protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
configure
in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
java.lang.Exception
protected void sessionCreationPolicy(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void login(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void logout(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void exceptionHandling(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void csrf(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void cors(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void authorizeRequests(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
java.lang.Exception
protected void otherConfigurations(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws java.lang.Exception
http
- java.lang.Exception
protected void configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth) throws java.lang.Exception
configure
in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
java.lang.Exception
public org.springframework.security.authentication.AuthenticationManager getAuthenticationManager() throws java.lang.Exception
java.lang.Exception