|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B> org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer<B,T,F>
public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecurityBuilder<B>,T extends AbstractAuthenticationFilterConfigurer<B,T,F>,F extends AbstractAuthenticationProcessingFilter>
Base class for confuring AbstractAuthenticationFilterConfigurer
. This is intended for internal use only.
FormLoginConfigurer
,
OpenIDLoginConfigurer
Constructor Summary | |
---|---|
protected |
AbstractAuthenticationFilterConfigurer(F authenticationFilter,
String defaultLoginProcessingUrl)
Creates a new instance |
Method Summary | |
---|---|
T |
authenticationDetailsSource(AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,?> authenticationDetailsSource)
Specifies a custom AuthenticationDetailsSource . |
void |
configure(B http)
Configure the SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
protected abstract RequestMatcher |
createLoginProcessingUrlMatcher(String loginProcessingUrl)
Create the RequestMatcher given a loginProcessingUrl |
T |
defaultSuccessUrl(String defaultSuccessUrl)
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating. |
T |
defaultSuccessUrl(String defaultSuccessUrl,
boolean alwaysUse)
Specifies where users will go after authenticating successfully if they have not visited a secured page prior to authenticating or alwaysUse is true. |
B |
disable()
Disables the AbstractHttpConfigurer by removing it. |
T |
failureHandler(AuthenticationFailureHandler authenticationFailureHandler)
Specifies the AuthenticationFailureHandler to use when
authentication fails. |
T |
failureUrl(String authenticationFailureUrl)
The URL to send users if authentication fails. |
protected F |
getAuthenticationFilter()
Gets the Authentication Filter |
protected String |
getFailureUrl()
Gets the URL to send users to if authentication fails |
protected String |
getLoginPage()
Gets the login page |
protected String |
getLoginProcessingUrl()
Gets the URL to submit an authentication request to (i.e. |
void |
init(B http)
Initialize the SecurityBuilder . |
boolean |
isCustomLoginPage()
|
protected T |
loginPage(String loginPage)
Specifies the URL to send users to if login is required. |
T |
loginProcessingUrl(String loginProcessingUrl)
Specifies the URL to validate the credentials. |
T |
permitAll()
Equivalent of invoking permitAll(true) |
T |
permitAll(boolean permitAll)
Ensures the urls for failureUrl(String) and
#authenticationUrls(String) are granted access to any user. |
T |
successHandler(AuthenticationSuccessHandler successHandler)
Specifies the AuthenticationSuccessHandler to be used. |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter |
---|
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
protected AbstractAuthenticationFilterConfigurer(F authenticationFilter, String defaultLoginProcessingUrl)
authenticationFilter
- the AbstractAuthenticationProcessingFilter
to usedefaultLoginProcessingUrl
- the default URL to use for loginProcessingUrl(String)
Method Detail |
---|
public final T defaultSuccessUrl(String defaultSuccessUrl)
defaultSuccessUrl(String)
.
defaultSuccessUrl
- the default success url
FormLoginConfigurer
for additional customizationpublic final T defaultSuccessUrl(String defaultSuccessUrl, boolean alwaysUse)
alwaysUse
is true. This is a shortcut for calling
successHandler(AuthenticationSuccessHandler)
.
defaultSuccessUrl
- the default success urlalwaysUse
- true if the defaultSuccesUrl
should be used after
authentication despite if a protected page had been previously
visited
FormLoginConfigurer
for additional customizationpublic T loginProcessingUrl(String loginProcessingUrl)
loginProcessingUrl
- the URL to validate username and password
FormLoginConfigurer
for additional customizationprotected abstract RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl)
RequestMatcher
given a loginProcessingUrl
loginProcessingUrl
- creates the RequestMatcher
based upon the loginProcessingUrl
RequestMatcher
to use based upon the loginProcessingUrlpublic final T authenticationDetailsSource(AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,?> authenticationDetailsSource)
AuthenticationDetailsSource
. The default is WebAuthenticationDetailsSource
.
authenticationDetailsSource
- the custom AuthenticationDetailsSource
FormLoginConfigurer
for additional customizationpublic final T successHandler(AuthenticationSuccessHandler successHandler)
AuthenticationSuccessHandler
to be used. The
default is SavedRequestAwareAuthenticationSuccessHandler
with no
additional properites set.
successHandler
- the AuthenticationSuccessHandler
.
FormLoginConfigurer
for additional customizationpublic final T permitAll()
public final T permitAll(boolean permitAll)
failureUrl(String)
and
#authenticationUrls(String)
are granted access to any user.
permitAll
- true to grant access to the URLs false to skip this step
FormLoginConfigurer
for additional customizationpublic final T failureUrl(String authenticationFailureUrl)
failureHandler(AuthenticationFailureHandler)
. The
default is "/login?error".
authenticationFailureUrl
- the URL to send users if authentication fails (i.e.
"/login?error").
FormLoginConfigurer
for additional customizationpublic final T failureHandler(AuthenticationFailureHandler authenticationFailureHandler)
AuthenticationFailureHandler
to use when
authentication fails. The default is redirecting to "/login?error" using
SimpleUrlAuthenticationFailureHandler
authenticationFailureHandler
- the AuthenticationFailureHandler
to use when
authentication fails.
FormLoginConfigurer
for additional customizationpublic void init(B http) throws Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be
created and modified, but not properties on the SecurityBuilder
used for building the object. This ensures that the
SecurityConfigurer.configure(SecurityBuilder)
method uses the correct shared
objects when building.
init
in interface SecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
Exception
public void configure(B http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.
configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,B extends HttpSecurityBuilder<B>>
Exception
protected T loginPage(String loginPage)
Specifies the URL to send users to if login is required. If used with
WebSecurityConfigurerAdapter
a default login page will be
generated when this attribute is not specified.
If a URL is specified or this is not being used in conjuction with
WebSecurityConfigurerAdapter
, users are required to process the
specified URL to generate a login page.
public final boolean isCustomLoginPage()
protected final F getAuthenticationFilter()
protected final String getLoginPage()
protected final String getLoginProcessingUrl()
protected final String getFailureUrl()
public B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.
HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |