Package pro.fessional.wings.warlock.spring.prop

Class WarlockSecurityProp

  • All Implemented Interfaces:
    @ConfigurationProperties(value = WarlockSecurityProp.Key) 
public class WarlockSecurityProp

    The order of config is from loose to strict. `webIgnore` >`PermitAll` >`Authenticated` >`Authority` >`AnyRequest` at the end. if value is `-` or `empty`, means ignore this key.

    Spring Security setting. wings-warlock-security-77.properties

    Since:

    2021-02-13

    Author:

    trydofor

    • Constructor Detail

      • WarlockSecurityProp

        WarlockSecurityProp()

    • Method Detail

      • getLoginPage

         String getLoginPage()

        the redirect page when not login, need to have controller to handle.

      • setLoginPage

         void setLoginPage(String loginPage)

        the redirect page when not login, need to have controller to handle.

      • getLoginProcUrl

         String getLoginProcUrl()

        loginProcessingUrl, the Ant style URL for processing login, handled by filter, no controller required. Support `authType` and `authZone` variables, which can be obtained via param or path (PathPattern)

      • setLoginProcUrl

         void setLoginProcUrl(String loginProcUrl)

        loginProcessingUrl, the Ant style URL for processing login, handled by filter, no controller required. Support `authType` and `authZone` variables, which can be obtained via param or path (PathPattern)

      • setLoginProcMethod

         void setLoginProcMethod(Set<String> loginProcMethod)

        Spring is POST only to better follow RESTful, but Oauth has Get.

      • getLogoutUrl

         String getLogoutUrl()

        logout url, handled by filter, no controller required.

      • setLogoutUrl

         void setLogoutUrl(String logoutUrl)

        logout url, handled by filter, no controller required.

      • setLoginSuccessBody

         void setLoginSuccessBody(String loginSuccessBody)

        the response body if no redirect after successful login.

      • getLogoutSuccessBody

         String getLogoutSuccessBody()

        the response body after successful logout, no handler is injected when empty.

      • setLogoutSuccessBody

         void setLogoutSuccessBody(String logoutSuccessBody)

        the response body after successful logout, no handler is injected when empty.

      • getSessionMaximum

         int getSessionMaximum()

        the response body after successful logout, no handler is injected when empty.

      • setSessionMaximum

         void setSessionMaximum(int sessionMaximum)

        the response body after successful logout, no handler is injected when empty.

      • getRolePrefix

         String getRolePrefix()

        GrantedAuthorityDefaults, suggest keeping the same with spring, do not edit.

      • setRolePrefix

         void setRolePrefix(String rolePrefix)

        GrantedAuthorityDefaults, suggest keeping the same with spring, do not edit.

      • setWebIgnore

         void setWebIgnore(Map<String, String> webIgnore)

        (1) ignored items, antMatcher, no need of SecurityFilter, such as static resources.

      • getAuthority

         Map<String, Set<String>> getAuthority()

        (4) has authority, antMatcher. merge authority by URL grouping, and finally set the URL in reverse ASCII order, i.e., the English number comes before the `*`, and the loose rule comes after.

      • setAuthority

         void setAuthority(Map<String, Set<String>> authority)

        (4) has authority, antMatcher. merge authority by URL grouping, and finally set the URL in reverse ASCII order, i.e., the English number comes before the `*`, and the loose rule comes after.

      • getAnyRequest

         String getAnyRequest()
        (5) defaults, `String`, support the followings.
- `permitAll`|`authenticated`|`anonymous`|`fullyAuthenticated`
- any non-empty, non-above string, considered as `Authority`, use `comma` or `blank` to separate multiple ones.

      • setAnyRequest

         void setAnyRequest(String anyRequest)
        (5) defaults, `String`, support the followings.
- `permitAll`|`authenticated`|`anonymous`|`fullyAuthenticated`
- any non-empty, non-above string, considered as `Authority`, use `comma` or `blank` to separate multiple ones.

      • getAuthTypeDefault

         String getAuthTypeDefault()

        Supported validation types, enum full path, one-to-one, otherwise reverse parsing problem; no `-`, `default` is a special value used when there is no match.

      • setAuthTypeDefault

         void setAuthTypeDefault(String authTypeDefault)

        Supported validation types, enum full path, one-to-one, otherwise reverse parsing problem; no `-`, `default` is a special value used when there is no match.

      • getZonePerm

         Map<String, Set<String>> getZonePerm()

        Map permissions to authZone, if you have one of them, you can login, otherwise, it will fail with wrong username and password.

      • setZonePerm

         void setZonePerm(Map<String, Set<String>> zonePerm)

        Map permissions to authZone, if you have one of them, you can login, otherwise, it will fail with wrong username and password.

      • getAppPerm

         Map<String, Set<String>> getAppPerm()

        Map permissions to spring.application.name, if you have one of them, you can login, otherwise, it will fail with wrong username and password. Support AntPath, eg. `wings-*`, merge all matching permissions, wings default app is `wings-default`.

      • setAppPerm

         void setAppPerm(Map<String, Set<String>> appPerm)

        Map permissions to spring.application.name, if you have one of them, you can login, otherwise, it will fail with wrong username and password. Support AntPath, eg. `wings-*`, merge all matching permissions, wings default app is `wings-default`.

      • setNonceCacheManager

         void setNonceCacheManager(String nonceCacheManager)

        bean name of cache-manager, same as `wings.slardar.cache.primary`.

      • setAutoregAuthType

         void setAutoregAuthType(Set<String> autoregAuthType)

        which auth-type support to auto register new user. eg. `github,weibo`

      • getAutoregMaxFailed

         int getAutoregMaxFailed()

        max mumber of consecutive failures for auto-registering users, and locking the account when reached.

      • setAutoregMaxFailed

         void setAutoregMaxFailed(int autoregMaxFailed)

        max mumber of consecutive failures for auto-registering users, and locking the account when reached.

      • getAutoregExpired

         Duration getAutoregExpired()

        credential expiration time for auto-registering users, default 3652 days (10 years)

      • setAutoregExpired

         void setAutoregExpired(Duration autoregExpired)

        credential expiration time for auto-registering users, default 3652 days (10 years)

      • getMemUser

         Map<String, WarlockSecurityProp.Mu> getMemUser()
        Configure memory user, usually used for special user login.
- key is the description, override if duplicate, suggest `username`+(`/`+`auth-type`)?
- `auth-type=`, to match all auth-type.
- For other settings, see WarlockAuthnService.Details and its defaults.

      • setMemUser

         void setMemUser(Map<String, WarlockSecurityProp.Mu> memUser)
        Configure memory user, usually used for special user login.
- key is the description, override if duplicate, suggest `username`+(`/`+`auth-type`)?
- `auth-type=`, to match all auth-type.
- For other settings, see WarlockAuthnService.Details and its defaults.

      • isWebDebug

         boolean isWebDebug()

        whether to enable WebSecurity.debug

      • isAnonymous

         boolean isAnonymous()

        whether to enable anonymous

      • isLoginForward

         boolean isLoginForward()

        true to forward in servlet, otherwise redirect(302)

      • setWebDebug

         void setWebDebug(boolean webDebug)

        whether to enable WebSecurity.debug

      • setAuthorityRole

         void setAuthorityRole(boolean authorityRole)

        whether to use Role in AuthX.

      • setAuthorityPerm

         void setAuthorityPerm(boolean authorityPerm)

        whether to use Perm in AuthX.

      • setAnonymous

         void setAnonymous(boolean anonymous)

        whether to enable anonymous

      • setLoginForward

         void setLoginForward(boolean loginForward)

        true to forward in servlet, otherwise redirect(302)

      • setLoginSuccessRedirect

         void setLoginSuccessRedirect(boolean loginSuccessRedirect)

        whether to redirect after successful login.