Class GrpcSecurity

java.lang.Object

org.springframework.security.config.annotation.AbstractSecurityBuilder<AuthenticationProcessInterceptor>

org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>

org.springframework.grpc.server.security.GrpcSecurity

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityBuilder<AuthenticationProcessInterceptor>

public final class GrpcSecurity
extends org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>

The GrpcSecurity class is responsible for configuring the security settings for a gRPC server. It provides methods to configure authentication providers, user details service, and authentication extractors. The class also defines some static constants, such as the AUTHORIZATION_KEY can be used in your security configuration. The class also provides various methods to configure different authentication mechanisms, such as pre-authentication, HTTP basic authentication, and custom authentication extractors.

Author:

Dave Syer

Field Summary

Fields

Modifier and Type	Field	Description
static final int	CONTEXT_FILTER_ORDER	The order value for the context filter in the gRPC security framework.
static io.grpc.Context.Key<org.springframework.security.core.context.SecurityContext>	SECURITY_CONTEXT_KEY	Key for the SecurityContext in the gRPC Context.

Constructor Summary

Constructors

Constructor	Description
GrpcSecurity(org.springframework.security.config.ObjectPostProcessor<Object> objectPostProcessor, org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder authenticationBuilder, org.springframework.context.ApplicationContext context)

Method Summary

Modifier and Type	Method	Description
GrpcSecurity	authenticationExtractor(GrpcAuthenticationExtractor authenticationExtractor)
GrpcSecurity	authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)
GrpcSecurity	authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)
GrpcSecurity	authorizationManager(org.springframework.security.authorization.AuthorizationManager<CallContext> authorizationManager)
GrpcSecurity	authorizeRequests(org.springframework.security.config.Customizer<RequestMapperConfigurer> customizer)
GrpcSecurity	httpBasic(org.springframework.security.config.Customizer<HttpBasicConfigurer<GrpcSecurity>> customizer)
GrpcSecurity	oauth2ResourceServer(org.springframework.security.config.Customizer<OAuth2ResourceServerConfigurer> customizer)
protected AuthenticationProcessInterceptor	performBuild()
GrpcSecurity	preauth(org.springframework.security.config.Customizer<PreAuthConfigurer<GrpcSecurity>> customizer)
GrpcSecurity	userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)

Methods inherited from class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder

apply, beforeConfigure, beforeInit, doBuild, getConfigurer, getConfigurers, getOrBuild, getSharedObject, getSharedObjects, objectPostProcessor, postProcess, removeConfigurer, removeConfigurers, setSharedObject, with, with

Methods inherited from class org.springframework.security.config.annotation.AbstractSecurityBuilder

build, getObject

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

CONTEXT_FILTER_ORDER

public static final int CONTEXT_FILTER_ORDER

The order value for the context filter in the gRPC security framework. This constant defines the position of the context filter in the filter chain. A lower value indicates higher precedence.

See Also:

• Constant Field Values

SECURITY_CONTEXT_KEY

public static io.grpc.Context.Key<org.springframework.security.core.context.SecurityContext> SECURITY_CONTEXT_KEY

Key for the SecurityContext in the gRPC Context.

Constructor Details

GrpcSecurity

public GrpcSecurity(org.springframework.security.config.ObjectPostProcessor<Object> objectPostProcessor,
 org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder authenticationBuilder,
 org.springframework.context.ApplicationContext context)

Method Details

performBuild

protected AuthenticationProcessInterceptor performBuild()

Specified by:

performBuild in class org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder<AuthenticationProcessInterceptor, GrpcSecurity>

authenticationProvider

public GrpcSecurity authenticationProvider(org.springframework.security.authentication.AuthenticationProvider authenticationProvider)

userDetailsService

public GrpcSecurity userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
                                throws Exception

Throws:

Exception

preauth

public GrpcSecurity preauth(org.springframework.security.config.Customizer<PreAuthConfigurer<GrpcSecurity>> customizer)
                     throws Exception

Throws:

Exception

httpBasic

public GrpcSecurity httpBasic(org.springframework.security.config.Customizer<HttpBasicConfigurer<GrpcSecurity>> customizer)
                       throws Exception

Throws:

Exception

authorizeRequests

public GrpcSecurity authorizeRequests(org.springframework.security.config.Customizer<RequestMapperConfigurer> customizer)
                               throws Exception

Throws:

Exception

oauth2ResourceServer

public GrpcSecurity oauth2ResourceServer(org.springframework.security.config.Customizer<OAuth2ResourceServerConfigurer> customizer)
                                  throws Exception

Throws:

Exception

authenticationManager

public GrpcSecurity authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)

authenticationExtractor

public GrpcSecurity authenticationExtractor(GrpcAuthenticationExtractor authenticationExtractor)

authorizationManager

public GrpcSecurity authorizationManager(org.springframework.security.authorization.AuthorizationManager<CallContext> authorizationManager)