Class JeeConfigurer<H extends HttpSecurityBuilder<H>>
- java.lang.Object
-
- org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
-
- org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<JeeConfigurer<H>,H>
-
- org.springframework.security.config.annotation.web.configurers.JeeConfigurer<H>
-
- All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,H>
public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<JeeConfigurer<H>,H>
Adds support for J2EE pre authentication.Security Filters
The following Filters are populatedShared Objects Created
AuthenticationEntryPoint
is populated with anHttp403ForbiddenEntryPoint
- A
PreAuthenticatedAuthenticationProvider
is populated intoHttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
Shared Objects Used
The following shared objects are used:- Since:
- 3.2
-
-
Constructor Summary
Constructors Constructor Description JeeConfigurer()
Creates a new instance
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description JeeConfigurer<H>
authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies theAuthenticationUserDetailsService
that is used with thePreAuthenticatedAuthenticationProvider
.void
configure(H http)
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.void
init(H http)
JeeConfigurer<H>
j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying theJ2eePreAuthenticatedProcessingFilter
to use.JeeConfigurer<H>
mappableAuthorities(java.lang.String... mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
.JeeConfigurer<H>
mappableAuthorities(java.util.Set<java.lang.String> mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
.JeeConfigurer<H>
mappableRoles(java.lang.String... mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
and automatically prefixes it with "ROLE_".-
Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, withObjectPostProcessor
-
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
-
-
-
Constructor Detail
-
JeeConfigurer
public JeeConfigurer()
Creates a new instance- See Also:
HttpSecurity.jee()
-
-
Method Detail
-
mappableAuthorities
public JeeConfigurer<H> mappableAuthorities(java.lang.String... mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
. IfHttpServletRequest.isUserInRole(String)
returns true, the role is added to theUserDetails
. This method is the equivalent of invokingmappableAuthorities(Set)
. Multiple invocations ofmappableAuthorities(String...)
will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles
- the roles to attempt to map to theUserDetails
(i.e. "ROLE_USER", "ROLE_ADMIN", etc).- Returns:
- the
JeeConfigurer
for further customizations - See Also:
SimpleMappableAttributesRetriever
,mappableRoles(String...)
-
mappableRoles
public JeeConfigurer<H> mappableRoles(java.lang.String... mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
and automatically prefixes it with "ROLE_". IfHttpServletRequest.isUserInRole(String)
returns true, the role is added to theUserDetails
. This method is the equivalent of invokingmappableAuthorities(Set)
. Multiple invocations ofmappableRoles(String...)
will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles
- the roles to attempt to map to theUserDetails
(i.e. "USER", "ADMIN", etc).- Returns:
- the
JeeConfigurer
for further customizations - See Also:
SimpleMappableAttributesRetriever
,mappableAuthorities(String...)
-
mappableAuthorities
public JeeConfigurer<H> mappableAuthorities(java.util.Set<java.lang.String> mappableRoles)
Specifies roles to use map from theHttpServletRequest
to theUserDetails
. IfHttpServletRequest.isUserInRole(String)
returns true, the role is added to theUserDetails
. This is the equivalent ofmappableRoles(String...)
. Multiple invocations ofmappableAuthorities(Set)
will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles
- the roles to attempt to map to theUserDetails
.- Returns:
- the
JeeConfigurer
for further customizations - See Also:
SimpleMappableAttributesRetriever
-
authenticatedUserDetailsService
public JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies theAuthenticationUserDetailsService
that is used with thePreAuthenticatedAuthenticationProvider
. The default is aPreAuthenticatedGrantedAuthoritiesUserDetailsService
.- Parameters:
authenticatedUserDetailsService
- theAuthenticationUserDetailsService
to use.- Returns:
- the
JeeConfigurer
for further configuration
-
j2eePreAuthenticatedProcessingFilter
public JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying theJ2eePreAuthenticatedProcessingFilter
to use. IfJ2eePreAuthenticatedProcessingFilter
is provided, all of its attributes must also be configured manually (i.e. all attributes populated in theJeeConfigurer
are not used).- Parameters:
j2eePreAuthenticatedProcessingFilter
- theJ2eePreAuthenticatedProcessingFilter
to use.- Returns:
- the
JeeConfigurer
for further configuration
-
init
public void init(H http)
Populates aPreAuthenticatedAuthenticationProvider
intoHttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and aHttp403ForbiddenEntryPoint
intoHttpSecurityBuilder.setSharedObject(Class, Object)
- Specified by:
init
in interfaceSecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
- Overrides:
init
in classSecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
- See Also:
SecurityConfigurerAdapter.init(org.springframework.security.config.annotation.SecurityBuilder)
-
configure
public void configure(H http)
Description copied from interface:SecurityConfigurer
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.- Specified by:
configure
in interfaceSecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
- Overrides:
configure
in classSecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
-
-