Class JeeConfigurer<H extends HttpSecurityBuilder<H>>
java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<JeeConfigurer<H>,H>
org.springframework.security.config.annotation.web.configurers.JeeConfigurer<H>
- All Implemented Interfaces:
SecurityConfigurer<DefaultSecurityFilterChain,H>
public final class JeeConfigurer<H extends HttpSecurityBuilder<H>>
extends AbstractHttpConfigurer<JeeConfigurer<H>,H>
Adds support for J2EE pre authentication.
Security Filters
The following Filters are populatedShared Objects Created
AuthenticationEntryPointis populated with anHttp403ForbiddenEntryPoint- A
PreAuthenticatedAuthenticationProvideris populated intoHttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
Shared Objects Used
The following shared objects are used:- Since:
- 3.2
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionauthenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService) Specifies theAuthenticationUserDetailsServicethat is used with thePreAuthenticatedAuthenticationProvider.voidConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.voidj2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter) Allows specifying theJ2eePreAuthenticatedProcessingFilterto use.mappableAuthorities(String... mappableRoles) Specifies roles to use map from theHttpServletRequestto theUserDetails.mappableAuthorities(Set<String> mappableRoles) Specifies roles to use map from theHttpServletRequestto theUserDetails.mappableRoles(String... mappableRoles) Specifies roles to use map from theHttpServletRequestto theUserDetailsand automatically prefixes it with "ROLE_".Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessorMethods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
-
Constructor Details
-
JeeConfigurer
public JeeConfigurer()Creates a new instance- See Also:
-
-
Method Details
-
mappableAuthorities
Specifies roles to use map from theHttpServletRequestto theUserDetails. IfHttpServletRequest.isUserInRole(String)returns true, the role is added to theUserDetails. This method is the equivalent of invokingmappableAuthorities(Set). Multiple invocations ofmappableAuthorities(String...)will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles- the roles to attempt to map to theUserDetails(i.e. "ROLE_USER", "ROLE_ADMIN", etc).- Returns:
- the
JeeConfigurerfor further customizations - See Also:
-
mappableRoles
Specifies roles to use map from theHttpServletRequestto theUserDetailsand automatically prefixes it with "ROLE_". IfHttpServletRequest.isUserInRole(String)returns true, the role is added to theUserDetails. This method is the equivalent of invokingmappableAuthorities(Set). Multiple invocations ofmappableRoles(String...)will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles- the roles to attempt to map to theUserDetails(i.e. "USER", "ADMIN", etc).- Returns:
- the
JeeConfigurerfor further customizations - See Also:
-
mappableAuthorities
Specifies roles to use map from theHttpServletRequestto theUserDetails. IfHttpServletRequest.isUserInRole(String)returns true, the role is added to theUserDetails. This is the equivalent ofmappableRoles(String...). Multiple invocations ofmappableAuthorities(Set)will override previous invocations.There are no default roles that are mapped.
- Parameters:
mappableRoles- the roles to attempt to map to theUserDetails.- Returns:
- the
JeeConfigurerfor further customizations - See Also:
-
authenticatedUserDetailsService
public JeeConfigurer<H> authenticatedUserDetailsService(AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService) Specifies theAuthenticationUserDetailsServicethat is used with thePreAuthenticatedAuthenticationProvider. The default is aPreAuthenticatedGrantedAuthoritiesUserDetailsService.- Parameters:
authenticatedUserDetailsService- theAuthenticationUserDetailsServiceto use.- Returns:
- the
JeeConfigurerfor further configuration
-
j2eePreAuthenticatedProcessingFilter
public JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter) Allows specifying theJ2eePreAuthenticatedProcessingFilterto use. IfJ2eePreAuthenticatedProcessingFilteris provided, all of its attributes must also be configured manually (i.e. all attributes populated in theJeeConfigurerare not used).- Parameters:
j2eePreAuthenticatedProcessingFilter- theJ2eePreAuthenticatedProcessingFilterto use.- Returns:
- the
JeeConfigurerfor further configuration
-
init
Populates aPreAuthenticatedAuthenticationProviderintoHttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)and aHttp403ForbiddenEntryPointintoHttpSecurityBuilder.setSharedObject(Class, Object)- Specified by:
initin interfaceSecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>> - Overrides:
initin classSecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>> - See Also:
-
configure
Description copied from interface:SecurityConfigurerConfigure theSecurityBuilderby setting the necessary properties on theSecurityBuilder.- Specified by:
configurein interfaceSecurityConfigurer<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>> - Overrides:
configurein classSecurityConfigurerAdapter<DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
-