Class WebSecurityConfig

    • Constructor Detail

      • WebSecurityConfig

        @Autowired
        public WebSecurityConfig​(org.springframework.context.ApplicationContext context,
                                 BaseConfigProperties baseConfigProperties,
                                 SecurityConfigProperties securityConfigProperties,
                                 AweSessionDetails sessionDetails,
                                 AweElements elements,
                                 ActionService actionService,
                                 com.fasterxml.jackson.databind.ObjectMapper objectMapper)
        Web security config constructor.
        Parameters:
        context - Application context
        baseConfigProperties - Base config properties
        securityConfigProperties - Security config properties
        sessionDetails - Session details
        elements - Awe elements
        actionService - Action service
        objectMapper - Object mapper
    • Method Detail

      • filterChain

        @Bean(name="aweSecurityFilterChain")
        public org.springframework.security.web.SecurityFilterChain filterChain​(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)
                                                                         throws Exception
        Awe Rest http security filter chain
        Parameters:
        httpSecurity - Http security
        Returns:
        security filter chain
        Throws:
        Exception - Spring http security error
      • authenticationManager

        @Bean
        public org.springframework.security.authentication.AuthenticationManager authenticationManager​(org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration authenticationConfiguration)
                                                                                                throws Exception
        Throws:
        Exception
      • accessDeniedHandler

        @Bean
        public org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler()
        Access denied handler. Handle forbidden access (403)
        Returns:
        Access denied handler
      • actionAuthenticationEntryPoint

        @Bean
        public org.springframework.security.web.AuthenticationEntryPoint actionAuthenticationEntryPoint​(AweSessionDetails sessionDetails)
        Authentication entry point. Handle exceptions for awe actions
        Parameters:
        sessionDetails - AWE session details
        Returns:
        AuthenticationEntryPoint
      • logoutHandler

        @Bean
        public AweLogoutHandler logoutHandler​(AweSessionDetails sessionDetails)
        Logout handler
        Parameters:
        sessionDetails - AWE session details
        Returns:
        AweLogoutHandler
      • publicQueryMaintainFilter

        @Bean
        public PublicQueryMaintainFilter publicQueryMaintainFilter()
        Query and Maintain public filter. Filter /action/maintain or /action/data to verify if target is public
        Returns:
        PublicQueryMaintainFilter