ResourceServerSecurityConfigurer (OAuth for Spring Security 2.4.0.BUILD-SNAPSHOT API)

java.lang.Object
- org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>
- - org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer

All Implemented Interfaces:: org.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

public final class ResourceServerSecurityConfigurer
extends org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

Since:: 2.0.0
Author:: Rob Winch, Dave Syer

Constructor Summary

Constructors
Constructor and Description

ResourceServerSecurityConfigurer()

Constructors
Constructor and Description
`ResourceServerSecurityConfigurer()`

Method Summary

Methods
Modifier and Type	Method and Description
`ResourceServerSecurityConfigurer`	`accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)`
`ResourceServerSecurityConfigurer`	`authenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,?> authenticationDetailsSource)` Sets a custom `AuthenticationDetailsSource` to use as a source of authentication details.
`ResourceServerSecurityConfigurer`	`authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)`
`ResourceServerSecurityConfigurer`	`authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)`
`void`	`configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)`
`ResourceServerSecurityConfigurer`	`eventPublisher(org.springframework.security.authentication.AuthenticationEventPublisher eventPublisher)`
`ResourceServerSecurityConfigurer`	`expressionHandler(org.springframework.security.access.expression.SecurityExpressionHandler<org.springframework.security.web.FilterInvocation> expressionHandler)`
`org.springframework.security.web.access.AccessDeniedHandler`	`getAccessDeniedHandler()`
`TokenStore`	`getTokenStore()`
`void`	`init(org.springframework.security.config.annotation.web.builders.HttpSecurity http)`
`ResourceServerSecurityConfigurer`	`resourceId(String resourceId)`
`ResourceServerSecurityConfigurer`	`stateless(boolean stateless)` Flag to indicate that only token-based authentication is allowed on these resources.
`ResourceServerSecurityConfigurer`	`tokenExtractor(TokenExtractor tokenExtractor)`
`ResourceServerSecurityConfigurer`	`tokenServices(ResourceServerTokenServices tokenServices)`
`ResourceServerSecurityConfigurer`	`tokenStore(TokenStore tokenStore)`

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- ResourceServerSecurityConfigurer
```
public ResourceServerSecurityConfigurer()
```

Method Detail

getTokenStore
```
public TokenStore getTokenStore()
```

stateless
```
public ResourceServerSecurityConfigurer stateless(boolean stateless)
```
Flag to indicate that only token-based authentication is allowed on these resources.

Parameters:
stateless - the flag value (default true)

Returns:
this (for fluent builder)

authenticationEntryPoint

public ResourceServerSecurityConfigurer authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint)

accessDeniedHandler

public ResourceServerSecurityConfigurer accessDeniedHandler(org.springframework.security.web.access.AccessDeniedHandler accessDeniedHandler)

tokenStore

public ResourceServerSecurityConfigurer tokenStore(TokenStore tokenStore)

eventPublisher

public ResourceServerSecurityConfigurer eventPublisher(org.springframework.security.authentication.AuthenticationEventPublisher eventPublisher)

expressionHandler

public ResourceServerSecurityConfigurer expressionHandler(org.springframework.security.access.expression.SecurityExpressionHandler<org.springframework.security.web.FilterInvocation> expressionHandler)

tokenExtractor

public ResourceServerSecurityConfigurer tokenExtractor(TokenExtractor tokenExtractor)

authenticationDetailsSource
```
public ResourceServerSecurityConfigurer authenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,?> authenticationDetailsSource)
```
Sets a custom AuthenticationDetailsSource to use as a source of authentication details. The default is OAuth2AuthenticationDetailsSource.

Parameters:
authenticationDetailsSource - the custom AuthenticationDetailsSource to use

Returns:
ResourceServerSecurityConfigurer for additional customization

authenticationManager

public ResourceServerSecurityConfigurer authenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)

tokenServices

public ResourceServerSecurityConfigurer tokenServices(ResourceServerTokenServices tokenServices)

init
```
public void init(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
          throws Exception
```
Specified by:

init in interface org.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

Overrides:

init in class org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

Throws:

Exception

resourceId

public ResourceServerSecurityConfigurer resourceId(String resourceId)

configure
```
public void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
               throws Exception
```
Specified by:

configure in interface org.springframework.security.config.annotation.SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

Overrides:

configure in class org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,org.springframework.security.config.annotation.web.builders.HttpSecurity>

Throws:

Exception

getAccessDeniedHandler

public org.springframework.security.web.access.AccessDeniedHandler getAccessDeniedHandler()

Class ResourceServerSecurityConfigurer

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

Methods inherited from class java.lang.Object

Constructor Detail

ResourceServerSecurityConfigurer

Method Detail

getTokenStore

stateless

authenticationEntryPoint

accessDeniedHandler

tokenStore

eventPublisher

expressionHandler

tokenExtractor

authenticationDetailsSource

authenticationManager

tokenServices

init

resourceId

configure

getAccessDeniedHandler