Package org.ligoj.boot.web

Class SecurityConfiguration

java.lang.Object
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
org.ligoj.boot.web.SecurityConfiguration
All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,​org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(jsr250Enabled=true, securedEnabled=true, prePostEnabled=true) @Profile("prod") public class SecurityConfiguration extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
Spring Boot security configuration.

  • Field Details

    • securityPreAuthPrincipal

      @Value("${security.pre-auth-principal:}") protected String securityPreAuthPrincipal

    • securityPreAuthLogout

      @Value("${security.pre-auth-logout:}") protected String securityPreAuthLogout

    • securityPreAuthCredentials

      @Value("${security.pre-auth-credentials:}") protected String securityPreAuthCredentials

    • securityPreAuthCookies

      @Value("${security.pre-auth-cookies:}") protected String[] securityPreAuthCookies

  • Constructor Details

    • SecurityConfiguration

      public SecurityConfiguration()

  • Method Details

    • ajaxFormLoginEntryPoint

      @Bean public org.ligoj.bootstrap.http.security.RedirectAuthenticationEntryPoint ajaxFormLoginEntryPoint()
      A 403 JSON management.
      Returns:
      A 403 JSON management.

    • allowUrlEncodedSlashHttpFirewall

      @Bean public org.springframework.security.web.firewall.HttpFirewall allowUrlEncodedSlashHttpFirewall()
      Configure firewall.
      Returns:
      firewall configuration.

    • authenticationProvider

      @Bean public AbstractAuthenticationProvider authenticationProvider() throws ReflectiveOperationException
      Pre-Authentication provider.
      Returns:
      Pre-Authentication provider.
      Throws:
      ReflectiveOperationException - Unable to build the authentication provider

    • concurrentSessionFilter

      @Bean public org.springframework.security.web.session.ConcurrentSessionFilter concurrentSessionFilter()
      Configure session management filter.
      Returns:
      session management configuration.

    • configure

      protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Overrides:
      configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
      Throws:
      Exception

    • configure

      public void configure(org.springframework.security.config.annotation.web.builders.WebSecurity web)
      Specified by:
      configure in interface org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,​org.springframework.security.config.annotation.web.builders.WebSecurity>
      Overrides:
      configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

    • configureGlobal

      @Autowired public void configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth) throws ReflectiveOperationException
      Configure AuthenticationProvider
      Parameters:
      auth - The builder.
      Throws:
      ReflectiveOperationException - Unable to build the authentication provider

    • digestAuthenticationFilter

      @Bean public DigestAuthenticationFilter digestAuthenticationFilter()
      Configure digest based authentication.
      Returns:
      digest based authentication configuration.

    • getFailureHandler

      @Bean public org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler getFailureHandler()
      Configure failure URL.
      Returns:
      authentication failure configuration.

    • getRestFailureStrategy

      @Bean public org.ligoj.bootstrap.http.security.RestRedirectStrategy getRestFailureStrategy()
      Configure REST failure URL.
      Returns:
      REST failure configuration.

    • getSuccessHandler

      @Bean public org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler getSuccessHandler()
      Configure success URL.
      Returns:
      authentication success configuration.

    • sessionAuth

      @Bean public org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy sessionAuth()
      Maximum ONE concurrent session. Previous user is logged out.
      Returns:
      Concurrency configuration.

    • sessionRegistry

      @Bean public org.springframework.security.core.session.SessionRegistry sessionRegistry()
      Configure session registry.
      Returns:
      session registry configuration.

    • userDetailsServiceBean

      @Bean public SimpleUserDetailsService userDetailsServiceBean()
      Overrides:
      userDetailsServiceBean in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter