Package org.ligoj.boot.web

Class SecurityConfiguration

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

org.ligoj.boot.web.SecurityConfiguration

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(jsr250Enabled=true,
                            securedEnabled=true,
                            prePostEnabled=true)
public class SecurityConfiguration
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Constructor Summary

Constructors

Constructor	Description
SecurityConfiguration()

Method Summary

Modifier and Type	Method	Description
org.ligoj.bootstrap.http.security.RedirectAuthenticationEntryPoint	ajaxFormLoginEntryPoint()	A 403 JSON management.
org.springframework.security.web.firewall.HttpFirewall	allowUrlEncodedSlashHttpFirewall()
AbstractAuthenticationProvider	authenticationProvider()	Pre-Authentication provider.
org.springframework.security.web.session.ConcurrentSessionFilter	concurrentSessionFilter()
protected void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
void	configure(org.springframework.security.config.annotation.web.builders.WebSecurity web)
void	configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)	Configure AuthenticationProvider
DigestAuthenticationFilter	digestAuthenticationFilter()
org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler	getFailureHandler()
org.ligoj.bootstrap.http.security.RestRedirectStrategy	getRestFailureStrategy()
org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler	getSuccessHandler()
org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy	sessionAuth()	Maximum ONE concurrent session.
org.springframework.security.core.session.SessionRegistry	sessionRegistry()
SimpleUserDetailsService	userDetailsServiceBean()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService

Constructor Detail

SecurityConfiguration

public SecurityConfiguration()

Method Detail

configure

protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

concurrentSessionFilter

@Bean
public org.springframework.security.web.session.ConcurrentSessionFilter concurrentSessionFilter()

digestAuthenticationFilter

@Bean
public DigestAuthenticationFilter digestAuthenticationFilter()

getFailureHandler

@Bean
public org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler getFailureHandler()

getRestFailureStrategy

@Bean
public org.ligoj.bootstrap.http.security.RestRedirectStrategy getRestFailureStrategy()

getSuccessHandler

@Bean
public org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler getSuccessHandler()

sessionAuth

@Bean
public org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy sessionAuth()

Maximum ONE concurrent session. Previous user is logged out.

Returns:

Concurrency configuration.

sessionRegistry

@Bean
public org.springframework.security.core.session.SessionRegistry sessionRegistry()

configureGlobal

@Autowired
public void configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
                     throws Exception

Configure AuthenticationProvider

Parameters:

auth - The builder.

Throws:

Exception - Unable to build the authentication provider

ajaxFormLoginEntryPoint

@Bean
public org.ligoj.bootstrap.http.security.RedirectAuthenticationEntryPoint ajaxFormLoginEntryPoint()

A 403 JSON management.

Returns:

A 403 JSON management.

authenticationProvider

@Bean
public AbstractAuthenticationProvider authenticationProvider()
                                                      throws Exception

Pre-Authentication provider.

Returns:

Pre-Authentication provider.

Throws:

Exception - Unable to build the authentication provider

userDetailsServiceBean

@Bean
public SimpleUserDetailsService userDetailsServiceBean()

Overrides:

userDetailsServiceBean in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

allowUrlEncodedSlashHttpFirewall

@Bean
public org.springframework.security.web.firewall.HttpFirewall allowUrlEncodedSlashHttpFirewall()

configure

public void configure(org.springframework.security.config.annotation.web.builders.WebSecurity web)
               throws Exception

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception