Class GrpcSecurity
java.lang.Object
org.springframework.security.config.annotation.AbstractSecurityBuilder<AuthenticationProcessInterceptor>
org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>
org.springframework.grpc.server.security.GrpcSecurity
- All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityBuilder<AuthenticationProcessInterceptor>
public final class GrpcSecurity
extends org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>
The
GrpcSecurity class is responsible for configuring the security
settings for a gRPC server. It provides methods to configure authentication providers,
user details service, and authentication extractors.
The class also defines some static constants, such as the
AUTHORIZATION_KEY can be used in your security configuration.
The class also provides various methods to configure different authentication
mechanisms, such as pre-authentication, HTTP basic authentication, and custom
authentication extractors.- Author:
- Dave Syer
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final io.grpc.Metadata.Key<String> A constant key used for storing and retrieving the "Authorization" header from gRPC metadata.static final intThe order value for the context filter in the gRPC security framework.static io.grpc.Context.Key<org.springframework.security.core.context.SecurityContext> Key for the SecurityContext in the gRPC Context. -
Constructor Summary
ConstructorsConstructorDescriptionGrpcSecurity(org.springframework.security.config.ObjectPostProcessor<Object> objectPostProcessor, org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder authenticationBuilder, org.springframework.context.ApplicationContext context) -
Method Summary
Modifier and TypeMethodDescriptionauthenticationExtractor(GrpcAuthenticationExtractor authenticationExtractor) authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager) authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider) authorizationManager(org.springframework.security.authorization.AuthorizationManager<CallContext> authorizationManager) authorizeRequests(org.springframework.security.config.Customizer<RequestMapperConfigurer> customizer) httpBasic(org.springframework.security.config.Customizer<HttpBasicConfigurer<GrpcSecurity>> customizer) oauth2ResourceServer(org.springframework.security.config.Customizer<OAuth2ResourceServerConfigurer> customizer) protected AuthenticationProcessInterceptorpreauth(org.springframework.security.config.Customizer<PreAuthConfigurer<GrpcSecurity>> customizer) userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService) Methods inherited from class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
apply, beforeConfigure, beforeInit, doBuild, getConfigurer, getConfigurers, getOrBuild, getSharedObject, getSharedObjects, objectPostProcessor, postProcess, removeConfigurer, removeConfigurers, setSharedObject, with, withMethods inherited from class org.springframework.security.config.annotation.AbstractSecurityBuilder
build, getObject
-
Field Details
-
AUTHORIZATION_KEY
A constant key used for storing and retrieving the "Authorization" header from gRPC metadata. This key is used to handle authorization information in gRPC requests.The key is defined with the name "Authorization" and uses the ASCII string marshaller for encoding and decoding the header value.
-
CONTEXT_FILTER_ORDER
public static final int CONTEXT_FILTER_ORDERThe order value for the context filter in the gRPC security framework. This constant defines the position of the context filter in the filter chain. A lower value indicates higher precedence.- See Also:
-
SECURITY_CONTEXT_KEY
public static io.grpc.Context.Key<org.springframework.security.core.context.SecurityContext> SECURITY_CONTEXT_KEYKey for the SecurityContext in the gRPC Context.
-
-
Constructor Details
-
GrpcSecurity
public GrpcSecurity(org.springframework.security.config.ObjectPostProcessor<Object> objectPostProcessor, org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder authenticationBuilder, org.springframework.context.ApplicationContext context)
-
-
Method Details
-
performBuild
- Specified by:
performBuildin classorg.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>
-
authenticationProvider
public GrpcSecurity authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider) -
userDetailsService
public GrpcSecurity userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService) throws Exception - Throws:
Exception
-
preauth
public GrpcSecurity preauth(org.springframework.security.config.Customizer<PreAuthConfigurer<GrpcSecurity>> customizer) throws Exception - Throws:
Exception
-
httpBasic
public GrpcSecurity httpBasic(org.springframework.security.config.Customizer<HttpBasicConfigurer<GrpcSecurity>> customizer) throws Exception - Throws:
Exception
-
authorizeRequests
public GrpcSecurity authorizeRequests(org.springframework.security.config.Customizer<RequestMapperConfigurer> customizer) throws Exception - Throws:
Exception
-
oauth2ResourceServer
public GrpcSecurity oauth2ResourceServer(org.springframework.security.config.Customizer<OAuth2ResourceServerConfigurer> customizer) throws Exception - Throws:
Exception
-
authenticationManager
public GrpcSecurity authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager) -
authenticationExtractor
-
authorizationManager
public GrpcSecurity authorizationManager(org.springframework.security.authorization.AuthorizationManager<CallContext> authorizationManager)
-