org.springframework.security.oauth2.config.annotation.web.configuration

Interface ResourceServerConfigurer

All Known Implementing Classes:

ResourceServerConfigurerAdapter

public interface ResourceServerConfigurer

Configurer interface for @EnableResourceServer classes. Implement this interface to adjust the access rules and paths that are protected by OAuth2 security. Applications may provide multiple instances of this interface, and in general (like with other Security configurers), if more than one configures the same property, then the last one wins. The configurers are sorted by Order before being applied.

Author:

Dave Syer

Method Summary

Methods

Modifier and Type	Method and Description
void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) Use this to configure the access rules for secure resources.
void	configure(ResourceServerSecurityConfigurer resources) Add resource-server specific properties (like a resource id).

Method Detail

configure

void configure(ResourceServerSecurityConfigurer resources)
               throws Exception

Add resource-server specific properties (like a resource id). The defaults should work for many applications, but you might want to change at least the resource id.

Parameters:

resources - configurer for the resource server

Throws:

Exception - if there is a problem

configure

void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
               throws Exception

Use this to configure the access rules for secure resources. By default all resources not in "/oauth/**" are protected (but no specific rules about scopes are given, for instance). You also get an OAuth2WebSecurityExpressionHandler by default.

Parameters:

http - the current http filter configuration

Throws:

Exception - if there is a problem