Class SecurityConfiguration
java.lang.Object
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
org.qubership.atp.auth.springbootstarter.config.AtpKeycloakWebSecurityConfigurerAdapter
org.qubership.atp.auth.springbootstarter.config.SecurityConfiguration
- All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,,org.springframework.security.config.annotation.web.builders.WebSecurity> org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
@Profile("default")
public class SecurityConfiguration
extends AtpKeycloakWebSecurityConfigurerAdapter
-
Field Summary
Fields inherited from class org.qubership.atp.auth.springbootstarter.config.AtpKeycloakWebSecurityConfigurerAdapter
keycloakConfigResolver -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidconfigure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) Configure HttpSecurity.voidconfigure(org.springframework.security.config.annotation.web.builders.WebSecurity web) Configure WebSecurity parameter object.voidconfigureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth) Configure authentication.entityAccess(UsersService usersService, UserGroupService userGroupService, DataContextHolder<Set<String>> userRolesContextHolder) Create entityAccess PolicyEnforcement bean from parameters given.protected org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticatedActionsFilterCreate KeycloakAuthenticatedActionsFilter bean.org.springframework.boot.web.servlet.FilterRegistrationBeankeycloakAuthenticationProcessingFilterRegistrationBean(org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter filter) ReturnFilterRegistrationBeanfilter for keycloak authentication, initially disabled.protected org.springframework.security.web.authentication.session.SessionAuthenticationStrategyCreate SessionAuthenticationStrategy bean.org.keycloak.adapters.AdapterDeploymentContextsslAdapterDeploymentContext(org.apache.http.client.HttpClient sslHttpClient) AdapterDeploymentContext is used by the keycloak lib for requests to the keycloak server.userGroupService(DataContextHolder<UUID> userIdContextHolder, UsersService usersService, DataContextHolder<Set<String>> userRolesContextHolder) Create UserGroupService bean from parameters provided.Create and return User Info Provider.Methods inherited from class org.qubership.atp.auth.springbootstarter.config.AtpKeycloakWebSecurityConfigurerAdapter
adapterDeploymentContext, authenticationEntryPoint, httpSessionManager, keycloakAuthenticatedActionsFilterRegistrationBean, keycloakAuthenticationProcessingFilter, keycloakAuthenticationProvider, keycloakCsrfRequestMatcher, keycloakLogoutHandler, keycloakPreAuthActionsFilter, keycloakPreAuthActionsFilterRegistrationBean, keycloakSecurityContextRequestFilter, keycloakSecurityContextRequestFilterRegistrationBeanMethods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBeanMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.security.config.annotation.SecurityConfigurer
init
-
Constructor Details
-
SecurityConfiguration
public SecurityConfiguration()
-
-
Method Details
-
configureGlobal
@Autowired public void configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth) Configure authentication.- Parameters:
auth- AuthenticationManagerBuilder object to be configured.
-
sessionAuthenticationStrategy
@Bean protected org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionAuthenticationStrategy()Create SessionAuthenticationStrategy bean.- Specified by:
sessionAuthenticationStrategyin classAtpKeycloakWebSecurityConfigurerAdapter- Returns:
- a new NullAuthenticatedSessionStrategy object.
-
keycloakAuthenticatedActionsFilter
@Bean protected org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticatedActionsFilter keycloakAuthenticatedActionsFilter()Create KeycloakAuthenticatedActionsFilter bean.- Overrides:
keycloakAuthenticatedActionsFilterin classAtpKeycloakWebSecurityConfigurerAdapter- Returns:
- a new AnonymousSupportKeycloakAuthenticatedActionsFilter object.
-
sslAdapterDeploymentContext
@Bean @Primary public org.keycloak.adapters.AdapterDeploymentContext sslAdapterDeploymentContext(org.apache.http.client.HttpClient sslHttpClient) throws Exception AdapterDeploymentContext is used by the keycloak lib for requests to the keycloak server.- Parameters:
sslHttpClient- HttpClient to set in Keycloak Deployment properties- Returns:
- a new AdapterDeploymentContext configured.
- Throws:
Exception
-
keycloakAuthenticationProcessingFilterRegistrationBean
@Bean public org.springframework.boot.web.servlet.FilterRegistrationBean keycloakAuthenticationProcessingFilterRegistrationBean(org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter filter) ReturnFilterRegistrationBeanfilter for keycloak authentication, initially disabled.- Parameters:
filter- KeycloakAuthenticationProcessingFilter bean- Returns:
FilterRegistrationBean
-
entityAccess
@Bean("entityAccess") public PolicyEnforcement entityAccess(UsersService usersService, UserGroupService userGroupService, DataContextHolder<Set<String>> userRolesContextHolder) Create entityAccess PolicyEnforcement bean from parameters given.- Parameters:
usersService- Users ServiceuserGroupService- User Group ServiceuserRolesContextHolder- User Roles Cache- Returns:
- a new EntityAccessEnforcement created and configured.
-
userInfoProvider
Create and return User Info Provider.- Returns:
- a new UserProvider object.
-
configure
public void configure(org.springframework.security.config.annotation.web.builders.WebSecurity web) throws Exception Configure WebSecurity parameter object.- Specified by:
configurein interfaceorg.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity> - Overrides:
configurein classorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter- Parameters:
web- WebSecurity object to be configured- Throws:
Exception- in case various configuration exceptions.
-
configure
protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception Configure HttpSecurity.- Overrides:
configurein classAtpKeycloakWebSecurityConfigurerAdapter- Parameters:
http- HttpSecurity object to be configured- Throws:
Exception- in case various configuration exceptions.
-
userGroupService
@Bean("userGroupService") public UserGroupService userGroupService(DataContextHolder<UUID> userIdContextHolder, UsersService usersService, DataContextHolder<Set<String>> userRolesContextHolder) Create UserGroupService bean from parameters provided.- Parameters:
userIdContextHolder- Cache of usersusersService- Users ServiceuserRolesContextHolder- Cache of user roles- Returns:
- UserGroupService bean created and configured.
-