org.lockss.ws.security.SecurityConfigurer

@Configuration @EnableWebSecurity public class SecurityConfigurer extends Object

Custom Spring security configurator.
This security configurator differs from those found in our other projects (which extend and use SpringSecurityConfigurer and SpringAuthenticationFilter): The LOCKS SOAP Service does not perform any request authentication or authorization itself, instead forwarding the request to the respective REST service and delegating to it to handle any request authentication and authorization. The SOAP Service is configured to permit all requests, and disables Spring's CSRF mitigations.

Constructor Summary

Constructors

Constructor

Description

SecurityConfigurer()
Method Summary

Modifier and Type

Method

Description

org.springframework.security.web.SecurityFilterChain

filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- SecurityConfigurer
  
  public SecurityConfigurer()
Method Details
- filterChain
  
  @Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
  
  Throws:
  
  Exception

Class SecurityConfigurer

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

SecurityConfigurer

Method Details

filterChain