Package org.springframework.security.config.annotation.web.configuration

Class WebSecurityConfiguration

java.lang.Object
org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.annotation.ImportAware
@Configuration(proxyBeanMethods=false) public class WebSecurityConfiguration extends Object implements org.springframework.context.annotation.ImportAware
Uses a WebSecurity to create the FilterChainProxy that performs the web based security for Spring Security. It then exports the necessary beans. Customizations can be made to WebSecurity by implementing WebSecurityConfigurer and exposing it as a Configuration or exposing a WebSecurityCustomizer bean. This configuration is imported when using EnableWebSecurity.
Since:
3.2
See Also:

  • Constructor Details

    • WebSecurityConfiguration

      public WebSecurityConfiguration()

  • Method Details

    • delegatingApplicationListener

      @Bean public static DelegatingApplicationListener delegatingApplicationListener()

    • webSecurityExpressionHandler

      @Bean @DependsOn("springSecurityFilterChain") public SecurityExpressionHandler<FilterInvocation> webSecurityExpressionHandler()

    • springSecurityFilterChain

      @Bean(name="springSecurityFilterChain") public jakarta.servlet.Filter springSecurityFilterChain(org.springframework.beans.factory.ObjectProvider<HttpSecurity> provider) throws Exception
      Creates the Spring Security Filter Chain
      Returns:
      the Filter that represents the security filter chain
      Throws:
      Exception

    • privilegeEvaluator

      @Bean @DependsOn("springSecurityFilterChain") public WebInvocationPrivilegeEvaluator privilegeEvaluator()
      Creates the WebInvocationPrivilegeEvaluator that is necessary to evaluate privileges for a given web URI
      Returns:
      the WebInvocationPrivilegeEvaluator

    • setFilterChainProxySecurityConfigurer

      @Autowired(required=false) public void setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object> objectPostProcessor, org.springframework.beans.factory.config.ConfigurableListableBeanFactory beanFactory) throws Exception
      Sets the <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder> instances used to create the web configuration.
      Parameters:
      objectPostProcessor - the ObjectPostProcessor used to create a WebSecurity instance
      beanFactory - the bean factory to use to retrieve the relevant <SecurityConfigurer<FilterChainProxy, WebSecurityBuilder> instances used to create the web configuration
      Throws:
      Exception

    • conversionServicePostProcessor

      @Bean public static org.springframework.beans.factory.config.BeanFactoryPostProcessor conversionServicePostProcessor()

    • setImportMetadata

      public void setImportMetadata(org.springframework.core.type.AnnotationMetadata importMetadata)
      Specified by:
      setImportMetadata in interface org.springframework.context.annotation.ImportAware