org.molgenis.security

Class MolgenisWebAppSecurityConfig

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

org.molgenis.security.MolgenisWebAppSecurityConfig

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

public abstract class MolgenisWebAppSecurityConfig
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Constructor Summary

Constructors

Constructor and Description
MolgenisWebAppSecurityConfig()

Method Summary

Modifier and Type	Method and Description
org.springframework.security.authentication.AnonymousAuthenticationProvider	anonymousAuthenticationProvider()
org.springframework.security.web.authentication.AnonymousAuthenticationFilter	anonymousAuthFilter()
org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint	authenticationEntryPoint()
org.springframework.security.authentication.AuthenticationManager	authenticationManagerBean()
ResettableOAuth2AuthorizedClientService	authorizedClientService()
javax.servlet.Filter	changePasswordFilter()
org.springframework.security.oauth2.client.registration.ClientRegistrationRepository	clientRegistrationRepository()
protected void	configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
protected void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
void	configure(org.springframework.security.config.annotation.web.builders.WebSecurity web)
protected abstract void	configureUrlAuthorization(org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry)
org.springframework.security.web.session.HttpSessionEventPublisher	httpSessionEventPublisher()
org.springframework.security.web.session.InvalidSessionStrategy	invalidSessionStrategy()
org.springframework.web.servlet.LocaleResolver	localeResolver()
OidcUserMapper	oidcUserMapper()
org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService	oidcUserService()
org.springframework.security.crypto.password.PasswordEncoder	passwordEncoder()
RecoveryAuthenticationProvider	recoveryAuthenticationProvider()
org.springframework.security.web.RedirectStrategy	redirectStrategy()
protected abstract org.springframework.security.access.hierarchicalroles.RoleHierarchy	roleHierarchy()
org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper	roleHierarchyAuthoritiesMapper()
org.springframework.security.access.hierarchicalroles.RoleHierarchy	roleHierarchyBean()
org.springframework.security.access.vote.RoleVoter	roleVoter()
org.springframework.security.authentication.AuthenticationProvider	runAsAuthenticationProvider()
javax.servlet.Filter	tokenAuthenticationFilter()
org.springframework.security.authentication.AuthenticationProvider	tokenAuthenticationProvider()
TokenService	tokenService()
TwoFactorAuthenticationFilter	twoFactorAuthenticationFilter()
TwoFactorAuthenticationProvider	twoFactorAuthenticationProvider()
org.springframework.security.core.userdetails.UserDetailsChecker	userDetailsChecker()
protected UserDetailsService	userDetailsService()
org.springframework.security.core.userdetails.UserDetailsService	userDetailsServiceBean()

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

MolgenisWebAppSecurityConfig

public MolgenisWebAppSecurityConfig()

Method Detail

configure

protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

configure

public void configure(org.springframework.security.config.annotation.web.builders.WebSecurity web)
               throws Exception

Specified by:

configure in interface org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

runAsAuthenticationProvider

@Bean
public org.springframework.security.authentication.AuthenticationProvider runAsAuthenticationProvider()

configureUrlAuthorization

protected abstract void configureUrlAuthorization(org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry)

roleHierarchy

protected abstract org.springframework.security.access.hierarchicalroles.RoleHierarchy roleHierarchy()

anonymousAuthFilter

@Bean
public org.springframework.security.web.authentication.AnonymousAuthenticationFilter anonymousAuthFilter()

anonymousAuthenticationProvider

@Bean
public org.springframework.security.authentication.AnonymousAuthenticationProvider anonymousAuthenticationProvider()

tokenService

@Bean
public TokenService tokenService()

tokenAuthenticationProvider

@Bean
public org.springframework.security.authentication.AuthenticationProvider tokenAuthenticationProvider()

tokenAuthenticationFilter

@Bean
public javax.servlet.Filter tokenAuthenticationFilter()

changePasswordFilter

@Bean
public javax.servlet.Filter changePasswordFilter()

twoFactorAuthenticationFilter

@Bean
public TwoFactorAuthenticationFilter twoFactorAuthenticationFilter()

twoFactorAuthenticationProvider

@Bean
public TwoFactorAuthenticationProvider twoFactorAuthenticationProvider()

recoveryAuthenticationProvider

@Bean
public RecoveryAuthenticationProvider recoveryAuthenticationProvider()

redirectStrategy

@Bean
public org.springframework.security.web.RedirectStrategy redirectStrategy()

roleHierarchyBean

@Bean
public org.springframework.security.access.hierarchicalroles.RoleHierarchy roleHierarchyBean()

roleVoter

@Bean
public org.springframework.security.access.vote.RoleVoter roleVoter()

roleHierarchyAuthoritiesMapper

@Bean
public org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper roleHierarchyAuthoritiesMapper()

passwordEncoder

@Bean
public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()

userDetailsService

@Bean
protected UserDetailsService userDetailsService()

Overrides:

userDetailsService in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

userDetailsServiceBean

@Bean
public org.springframework.security.core.userdetails.UserDetailsService userDetailsServiceBean()
                                                                                              throws Exception

Overrides:

userDetailsServiceBean in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

userDetailsChecker

@Bean
public org.springframework.security.core.userdetails.UserDetailsChecker userDetailsChecker()

configure

protected void configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManagerBean

@Bean
public org.springframework.security.authentication.AuthenticationManager authenticationManagerBean()
                                                                                                  throws Exception

Overrides:

authenticationManagerBean in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

authenticationEntryPoint

@Bean
public org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint authenticationEntryPoint()

invalidSessionStrategy

@Bean
public org.springframework.security.web.session.InvalidSessionStrategy invalidSessionStrategy()

httpSessionEventPublisher

@Bean
public org.springframework.security.web.session.HttpSessionEventPublisher httpSessionEventPublisher()

clientRegistrationRepository

@Bean
public org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository()

authorizedClientService

@Bean
public ResettableOAuth2AuthorizedClientService authorizedClientService()

oidcUserService

@Bean
public org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService oidcUserService()

oidcUserMapper

@Bean
public OidcUserMapper oidcUserMapper()

localeResolver

@Bean
public org.springframework.web.servlet.LocaleResolver localeResolver()