Package com.almis.awe.autoconfigure
Class WebSecurityConfig
- java.lang.Object
-
- com.almis.awe.autoconfigure.WebSecurityConfig
-
@Configuration @EnableWebSecurity @Import({AweAutoConfiguration.class,SessionConfig.class}) @EnableGlobalMethodSecurity(securedEnabled=true, prePostEnabled=true) @EnableConfigurationProperties({BaseConfigProperties.class,SecurityConfigProperties.class}) public class WebSecurityConfig extends ObjectWeb security configuration class.Used to configure security for web application.
-
-
Constructor Summary
Constructors Constructor Description WebSecurityConfig(org.springframework.context.ApplicationContext context, BaseConfigProperties baseConfigProperties, SecurityConfigProperties securityConfigProperties, AweSessionDetails sessionDetails, AweElements elements, ActionService actionService, com.fasterxml.jackson.databind.ObjectMapper objectMapper)Web security config constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description org.springframework.security.web.access.AccessDeniedHandleraccessDeniedHandler()Access denied handler.org.springframework.security.web.AuthenticationEntryPointactionAuthenticationEntryPoint(AweSessionDetails sessionDetails)Authentication entry point.org.springframework.security.authentication.AuthenticationManagerauthenticationManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration authenticationConfiguration)org.springframework.security.web.SecurityFilterChainfilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)Awe Rest http security filter chainJsonAuthenticationFilterjsonAuthenticationFilter(BaseConfigProperties baseConfigProperties, AweElements elements, ActionService actionService, com.fasterxml.jackson.databind.ObjectMapper objectMapper)Username and password authentication filterAweLogoutHandlerlogoutHandler(AweSessionDetails sessionDetails)Logout handlerPublicQueryMaintainFilterpublicQueryMaintainFilter()Query and Maintain public filter.
-
-
-
Constructor Detail
-
WebSecurityConfig
@Autowired public WebSecurityConfig(org.springframework.context.ApplicationContext context, BaseConfigProperties baseConfigProperties, SecurityConfigProperties securityConfigProperties, AweSessionDetails sessionDetails, AweElements elements, ActionService actionService, com.fasterxml.jackson.databind.ObjectMapper objectMapper)Web security config constructor.- Parameters:
context- Application contextbaseConfigProperties- Base config propertiessecurityConfigProperties- Security config propertiessessionDetails- Session detailselements- Awe elementsactionService- Action serviceobjectMapper- Object mapper
-
-
Method Detail
-
filterChain
@Bean(name="aweSecurityFilterChain") public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) throws ExceptionAwe Rest http security filter chain- Parameters:
httpSecurity- Http security- Returns:
- security filter chain
- Throws:
Exception- Spring http security error
-
authenticationManager
@Bean public org.springframework.security.authentication.AuthenticationManager authenticationManager(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration authenticationConfiguration) throws Exception- Throws:
Exception
-
accessDeniedHandler
@Bean public org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler()
Access denied handler. Handle forbidden access (403)- Returns:
- Access denied handler
-
actionAuthenticationEntryPoint
@Bean public org.springframework.security.web.AuthenticationEntryPoint actionAuthenticationEntryPoint(AweSessionDetails sessionDetails)
Authentication entry point. Handle exceptions for awe actions- Parameters:
sessionDetails- AWE session details- Returns:
- AuthenticationEntryPoint
-
logoutHandler
@Bean public AweLogoutHandler logoutHandler(AweSessionDetails sessionDetails)
Logout handler- Parameters:
sessionDetails- AWE session details- Returns:
- AweLogoutHandler
-
publicQueryMaintainFilter
@Bean public PublicQueryMaintainFilter publicQueryMaintainFilter()
Query and Maintain public filter. Filter /action/maintain or /action/data to verify if target is public- Returns:
- PublicQueryMaintainFilter
-
jsonAuthenticationFilter
@Bean public JsonAuthenticationFilter jsonAuthenticationFilter(BaseConfigProperties baseConfigProperties, AweElements elements, ActionService actionService, com.fasterxml.jackson.databind.ObjectMapper objectMapper)
Username and password authentication filter- Returns:
- Json Authentication filter
-
-