public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
AuthenticationEntryPoint
is populated with an Http403ForbiddenEntryPoint
PreAuthenticatedAuthenticationProvider
is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
Constructor and Description |
---|
JeeConfigurer()
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
JeeConfigurer<H> |
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies the
AuthenticationUserDetailsService that is used with
the PreAuthenticatedAuthenticationProvider . |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Populates a
PreAuthenticatedAuthenticationProvider into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) |
JeeConfigurer<H> |
j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying the
J2eePreAuthenticatedProcessingFilter to
use. |
JeeConfigurer<H> |
mappableAuthorities(Set<String> mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails . |
JeeConfigurer<H> |
mappableAuthorities(String... mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails . |
JeeConfigurer<H> |
mappableRoles(String... mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails and automatically prefixes it with "ROLE_". |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public JeeConfigurer()
HttpSecurity.jee()
public JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
HttpServletRequest
to the
UserDetails
. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails
. This method
is the equivalent of invoking mappableAuthorities(Set)
. Multiple
invocations of mappableAuthorities(String...)
will override previous
invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
(i.e.
"ROLE_USER", "ROLE_ADMIN", etc).JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
,
mappableRoles(String...)
public JeeConfigurer<H> mappableRoles(String... mappableRoles)
HttpServletRequest
to the
UserDetails
and automatically prefixes it with "ROLE_". If
HttpServletRequest.isUserInRole(String)
returns true, the role is
added to the UserDetails
. This method is the equivalent of
invoking mappableAuthorities(Set)
. Multiple invocations of
mappableRoles(String...)
will override previous invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
(i.e.
"USER", "ADMIN", etc).JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
,
mappableAuthorities(String...)
public JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
HttpServletRequest
to the
UserDetails
. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails
. This is the
equivalent of mappableRoles(String...)
. Multiple invocations of
mappableAuthorities(Set)
will override previous invocations.
There are no default roles that are mapped.
mappableRoles
- the roles to attempt to map to the UserDetails
.JeeConfigurer
for further customizationsSimpleMappableAttributesRetriever
public JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
AuthenticationUserDetailsService
that is used with
the PreAuthenticatedAuthenticationProvider
. The default is a
PreAuthenticatedGrantedAuthoritiesUserDetailsService
.authenticatedUserDetailsService
- the AuthenticationUserDetailsService
to use.JeeConfigurer
for further configurationpublic JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
J2eePreAuthenticatedProcessingFilter
to
use. If J2eePreAuthenticatedProcessingFilter
is provided, all of its attributes must also be
configured manually (i.e. all attributes populated in the JeeConfigurer
are not used).j2eePreAuthenticatedProcessingFilter
- the J2eePreAuthenticatedProcessingFilter
to use.JeeConfigurer
for further configurationpublic void init(H http) throws Exception
PreAuthenticatedAuthenticationProvider
into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint
into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)
init
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
SecurityConfigurerAdapter.init(org.springframework.security.config.annotation.SecurityBuilder)
public void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.configure
in interface SecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)