All Implemented Interfaces:

@Configuration(proxyBeanMethods = false)@ConditionalWingsEnabled() 
public class WarlockSecurityConfConfiguration

Since:: 2019-12-01
Author:: trydofor

Nested Class Summary

Nested Classes
Modifier and Type	Class	Description

Field Summary

Fields
Modifier and Type	Field	Description

Constructor Summary

Constructors
Constructor	Description
`WarlockSecurityConfConfiguration()`

Enum Constant Summary

Enum Constants
Enum Constant	Description

Method Summary

Modifier and Type	Method	Description
`WebSecurityCustomizer`	`warlockWebCustomizer(WarlockSecurityProp securityProp, ObjectProvider<HttpFirewall> httpFirewall)`
`HttpSecurityCustomizer`	`warlockSecurityBindHttpConfigure(WarlockSecurityProp securityProp, SessionRegistry sessionRegistry, ObjectProvider<AuthenticationSuccessHandler> authenticationSuccessHandler, ObjectProvider<AuthenticationFailureHandler> authenticationFailureHandler, ObjectProvider<WingsAuthDetailsSource<out Object>> wingsAuthDetailsSource, ObjectProvider<LogoutSuccessHandler> logoutSuccessHandler, ObjectProvider<AccessDeniedHandler> accessDeniedHandler)`
`HttpSecurityCustomizer`	`warlockSecurityAuthHttpConfigure(WarlockSecurityProp securityProp)`
`HttpSecurityCustomizer`	`warlockSecurityHttpBaseConfigure()`
`HttpSecurityCustomizer`	`warlockSecurityAutoHttpConfigure(ObjectProvider<CsrfTokenRepository> csrf, ObjectProvider<RequestCache> cache)`
`SecurityFilterChain`	`securityFilterChain(WarlockSecurityProp securityProp, HttpSecurity http, Map<String, HttpSecurityCustomizer> configures)`	The URL paths provided by the framework are /oauth/authorize (the authorization endpoint), /oauth/token (the token endpoint), /oauth/confirm_access (user posts approval for grants here), /oauth/error (used to render errors in the authorization server), /oauth/check_token (used by Resource Servers to decode access tokens), and /oauth/token_key (exposes public key for token verification if using JWT tokens).
`ApplicationRunnerOrdered`	`securityCheckUrlRunner(WarlockSecurityProp securityProp, ApplicationContext ctx)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- WarlockSecurityConfConfiguration
```
WarlockSecurityConfConfiguration()
```

Method Detail

warlockWebCustomizer

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secWebAuto) WebSecurityCustomizer warlockWebCustomizer(WarlockSecurityProp securityProp, ObjectProvider<HttpFirewall> httpFirewall)

warlockSecurityBindHttpConfigure

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secHttpBind)@Order(value = "WingsOrdered.Lv4Application + 200") HttpSecurityCustomizer warlockSecurityBindHttpConfigure(WarlockSecurityProp securityProp, SessionRegistry sessionRegistry, ObjectProvider<AuthenticationSuccessHandler> authenticationSuccessHandler, ObjectProvider<AuthenticationFailureHandler> authenticationFailureHandler, ObjectProvider<WingsAuthDetailsSource<out Object>> wingsAuthDetailsSource, ObjectProvider<LogoutSuccessHandler> logoutSuccessHandler, ObjectProvider<AccessDeniedHandler> accessDeniedHandler)

warlockSecurityAuthHttpConfigure

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secHttpAuth)@Order(value = "WingsOrdered.Lv4Application + 300") HttpSecurityCustomizer warlockSecurityAuthHttpConfigure(WarlockSecurityProp securityProp)

warlockSecurityHttpBaseConfigure

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secHttpBase)@Order(value = "WingsOrdered.Lv4Application + 100") HttpSecurityCustomizer warlockSecurityHttpBaseConfigure()

warlockSecurityAutoHttpConfigure

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secHttpAuto)@Order(value = "WingsOrdered.Lv4Application + 400") HttpSecurityCustomizer warlockSecurityAutoHttpConfigure(ObjectProvider<CsrfTokenRepository> csrf, ObjectProvider<RequestCache> cache)

securityFilterChain
```
@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secHttpChain)@Order(value = "WingsOrdered.Lv4Application + 900") SecurityFilterChain securityFilterChain(WarlockSecurityProp securityProp, HttpSecurity http, Map<String, HttpSecurityCustomizer> configures)
```
The URL paths provided by the framework are /oauth/authorize (the authorization endpoint), /oauth/token (the token endpoint), /oauth/confirm_access (user posts approval for grants here), /oauth/error (used to render errors in the authorization server), /oauth/check_token (used by Resource Servers to decode access tokens), and /oauth/token_key (exposes public key for token verification if using JWT tokens).
Note: if your Authorization Server is also a Resource Server then there is another security filter chain with lower priority controlling the API resources. Fo those requests to be protected by access tokens you need their paths not to be matched by the ones in the main user-facing filter chain, so be sure to include a request matcher that picks out only non-API resources in the WebSecurityConfigurer above.

securityCheckUrlRunner

@Bean()@ConditionalWingsEnabled(abs = WarlockEnabledProp.Key$secCheckUrl) ApplicationRunnerOrdered securityCheckUrlRunner(WarlockSecurityProp securityProp, ApplicationContext ctx)

Class WarlockSecurityConfConfiguration

Nested Class Summary

Field Summary

Constructor Summary

Enum Constant Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

WarlockSecurityConfConfiguration

Method Detail

warlockWebCustomizer

warlockSecurityBindHttpConfigure

warlockSecurityAuthHttpConfigure

warlockSecurityHttpBaseConfigure

warlockSecurityAutoHttpConfigure

securityFilterChain

securityCheckUrlRunner