public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
J2eePreAuthenticatedProcessingFilterAuthenticationEntryPoint
is populated with an Http403ForbiddenEntryPointPreAuthenticatedAuthenticationProvider is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
AuthenticationManager| Constructor and Description |
|---|
JeeConfigurer()
Creates a new instance
|
| Modifier and Type | Method and Description |
|---|---|
JeeConfigurer<H> |
authenticatedUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
Specifies the
AuthenticationUserDetailsService that is used with
the PreAuthenticatedAuthenticationProvider. |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder. |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Populates a
PreAuthenticatedAuthenticationProvider into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) |
JeeConfigurer<H> |
j2eePreAuthenticatedProcessingFilter(org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
Allows specifying the
J2eePreAuthenticatedProcessingFilter to
use. |
JeeConfigurer<H> |
mappableAuthorities(Set<String> mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails. |
JeeConfigurer<H> |
mappableAuthorities(String... mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails. |
JeeConfigurer<H> |
mappableRoles(String... mappableRoles)
Specifies roles to use map from the
HttpServletRequest to the
UserDetails and automatically prefixes it with "ROLE_". |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilderpublic JeeConfigurer()
HttpSecurity.jee()public JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
HttpServletRequest to the
UserDetails. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails. This method
is the equivalent of invoking mappableAuthorities(Set). Multiple
invocations of mappableAuthorities(String...) will override previous
invocations.
There are no default roles that are mapped.
mappableRoles - the roles to attempt to map to the UserDetails (i.e.
"ROLE_USER", "ROLE_ADMIN", etc).JeeConfigurer for further customizationsSimpleMappableAttributesRetriever,
mappableRoles(String...)public JeeConfigurer<H> mappableRoles(String... mappableRoles)
HttpServletRequest to the
UserDetails and automatically prefixes it with "ROLE_". If
HttpServletRequest.isUserInRole(String) returns true, the role is
added to the UserDetails. This method is the equivalent of
invoking mappableAuthorities(Set). Multiple invocations of
mappableRoles(String...) will override previous invocations.
There are no default roles that are mapped.
mappableRoles - the roles to attempt to map to the UserDetails (i.e.
"USER", "ADMIN", etc).JeeConfigurer for further customizationsSimpleMappableAttributesRetriever,
mappableAuthorities(String...)public JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
HttpServletRequest to the
UserDetails. If HttpServletRequest.isUserInRole(String)
returns true, the role is added to the UserDetails. This is the
equivalent of mappableRoles(String...). Multiple invocations of
mappableAuthorities(Set) will override previous invocations.
There are no default roles that are mapped.
mappableRoles - the roles to attempt to map to the UserDetails.JeeConfigurer for further customizationsSimpleMappableAttributesRetrieverpublic JeeConfigurer<H> authenticatedUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
AuthenticationUserDetailsService that is used with
the PreAuthenticatedAuthenticationProvider. The default is a
PreAuthenticatedGrantedAuthoritiesUserDetailsService.authenticatedUserDetailsService - the AuthenticationUserDetailsService to use.JeeConfigurer for further configurationpublic JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
J2eePreAuthenticatedProcessingFilter to
use. If J2eePreAuthenticatedProcessingFilter is provided, all of its attributes must also be
configured manually (i.e. all attributes populated in the JeeConfigurer are not used).j2eePreAuthenticatedProcessingFilter - the J2eePreAuthenticatedProcessingFilter to use.JeeConfigurer for further configurationpublic void init(H http) throws Exception
PreAuthenticatedAuthenticationProvider into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
and a Http403ForbiddenEntryPoint into
HttpSecurity#authenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint)init in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>init in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>ExceptionSecurityConfigurerAdapter.init(org.springframework.security.config.annotation.SecurityBuilder)public void configure(H http) throws Exception
SecurityConfigurerSecurityBuilder by setting the necessary properties
on the SecurityBuilder.configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>Exceptionpublic B disable()
AbstractHttpConfigurer by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)