View Javadoc
1   /*
2    * Copyright 2013-2014 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
5    * the License. You may obtain a copy of the License at
6    *
7    * https://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
10   * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
11   * specific language governing permissions and limitations under the License.
12   */
13  
14  package org.springframework.security.oauth2.config.annotation.web.configuration;
15  
16  import java.lang.annotation.Documented;
17  import java.lang.annotation.ElementType;
18  import java.lang.annotation.Retention;
19  import java.lang.annotation.RetentionPolicy;
20  import java.lang.annotation.Target;
21  
22  import org.springframework.context.annotation.Import;
23  import org.springframework.core.annotation.Order;
24  import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
25  import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
26  
27  /**
28   * Convenient annotation for OAuth2 Resource Servers, enabling a Spring Security filter that authenticates requests via
29   * an incoming OAuth2 token. Users should add this annotation and provide a <code>@Bean</code> of type
30   * {@link ResourceServerConfigurer} (e.g. via {@link ResourceServerConfigurerAdapter}) that specifies the details of the
31   * resource (URL paths and resource id). In order to use this filter you must {@link EnableWebSecurity
32   * &#064;EnableWebSecurity} somewhere in your application, either in the same place as you use this annotation, or
33   * somewhere else.
34   * 
35   * <p>
36   * The annotation creates a {@link WebSecurityConfigurerAdapter} with a hard-coded {@link Order} (of 3). It's not
37   * possible to change the order right now owing to technical limitations in Spring, so you must avoid using order=3 in
38   * other WebSecurityConfigurerAdapters in your application (Spring Security will let you know if you forget).
39   * 
40   * @author Dave Syer
41   * 
42   */
43  @Target(ElementType.TYPE)
44  @Retention(RetentionPolicy.RUNTIME)
45  @Documented
46  @Import(ResourceServerConfiguration.class)
47  public @interface EnableResourceServer {
48  
49  }