org.springframework.boot.autoconfigure.security

Class SecurityProperties

java.lang.Object

org.springframework.boot.autoconfigure.security.SecurityProperties

All Implemented Interfaces:

SecurityPrequisite

@ConfigurationProperties(prefix="security",
                         ignoreUnknownFields=false)
public class SecurityProperties
extends Object
implements SecurityPrequisite

Properties for the security aspects of an application.

Author:

Dave Syer

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SecurityProperties.Basic
static class	SecurityProperties.Headers
static class	SecurityProperties.User

Field Summary

Fields

Modifier and Type	Field and Description
static int	ACCESS_OVERRIDE_ORDER Order before the basic authentication access control provided by Boot.
static int	BASIC_AUTH_ORDER Order applied to the WebSecurityConfigurerAdapter that is used to configure basic authentication for application endpoints.
static int	IGNORED_ORDER Order applied to the WebSecurityConfigurer that ignores standard static resource paths.

Constructor Summary

Constructors

Constructor and Description
SecurityProperties()

Method Summary

Methods

Modifier and Type	Method and Description
SecurityProperties.Basic	getBasic()
SecurityProperties.Headers	getHeaders()
List<String>	getIgnored()
SessionCreationPolicy	getSessions()
SecurityProperties.User	getUser()
boolean	isEnableCsrf()
boolean	isRequireSsl()
void	setBasic(SecurityProperties.Basic basic)
void	setEnableCsrf(boolean enableCsrf)
void	setIgnored(List<String> ignored)
void	setRequireSsl(boolean requireSsl)
void	setSessions(SessionCreationPolicy sessions)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ACCESS_OVERRIDE_ORDER

public static final int ACCESS_OVERRIDE_ORDER

Order before the basic authentication access control provided by Boot. This is a useful place to put user-defined access rules if you want to override the default access rules.

See Also:

Constant Field Values

BASIC_AUTH_ORDER

public static final int BASIC_AUTH_ORDER

Order applied to the WebSecurityConfigurerAdapter that is used to configure basic authentication for application endpoints. If you want to add your own authentication for all or some of those endpoints the best thing to do is add your own WebSecurityConfigurerAdapter with lower order.

See Also:

Constant Field Values

IGNORED_ORDER

public static final int IGNORED_ORDER

Order applied to the WebSecurityConfigurer that ignores standard static resource paths.

See Also:

Constant Field Values

Constructor Detail

SecurityProperties

public SecurityProperties()

Method Detail

getHeaders

public SecurityProperties.Headers getHeaders()

getUser

public SecurityProperties.User getUser()

getSessions

public SessionCreationPolicy getSessions()

setSessions

public void setSessions(SessionCreationPolicy sessions)

getBasic

public SecurityProperties.Basic getBasic()

setBasic

public void setBasic(SecurityProperties.Basic basic)

isRequireSsl

public boolean isRequireSsl()

setRequireSsl

public void setRequireSsl(boolean requireSsl)

isEnableCsrf

public boolean isEnableCsrf()

setEnableCsrf

public void setEnableCsrf(boolean enableCsrf)

setIgnored

public void setIgnored(List<String> ignored)

getIgnored

public List<String> getIgnored()