Class WebSecurityConfiguration
java.lang.Object
org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
- All Implemented Interfaces:
org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanClassLoaderAware
,org.springframework.context.annotation.ImportAware
@Configuration(proxyBeanMethods=false)
public class WebSecurityConfiguration
extends Object
implements org.springframework.context.annotation.ImportAware, org.springframework.beans.factory.BeanClassLoaderAware
Uses a
WebSecurity
to create the FilterChainProxy
that performs the web
based security for Spring Security. It then exports the necessary beans. Customizations
can be made to WebSecurity
by implementing WebSecurityConfigurer
and
exposing it as a Configuration
or exposing a WebSecurityCustomizer
bean. This configuration is imported when using EnableWebSecurity
.- Since:
- 3.2
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic org.springframework.beans.factory.config.BeanFactoryPostProcessor
Creates theWebInvocationPrivilegeEvaluator
that is necessary to evaluate privileges for a given web URIvoid
setBeanClassLoader
(ClassLoader classLoader) void
setFilterChainProxySecurityConfigurer
(ObjectPostProcessor<Object> objectPostProcessor, org.springframework.beans.factory.config.ConfigurableListableBeanFactory beanFactory) Sets the<SecurityConfigurer<FilterChainProxy, WebSecurityBuilder>
instances used to create the web configuration.void
setImportMetadata
(org.springframework.core.type.AnnotationMetadata importMetadata) jakarta.servlet.Filter
Creates the Spring Security Filter Chain
-
Constructor Details
-
WebSecurityConfiguration
public WebSecurityConfiguration()
-
-
Method Details
-
delegatingApplicationListener
-
webSecurityExpressionHandler
@Bean @DependsOn("springSecurityFilterChain") public SecurityExpressionHandler<FilterInvocation> webSecurityExpressionHandler() -
springSecurityFilterChain
@Bean(name="springSecurityFilterChain") public jakarta.servlet.Filter springSecurityFilterChain() throws ExceptionCreates the Spring Security Filter Chain- Returns:
- the
Filter
that represents the security filter chain - Throws:
Exception
-
privilegeEvaluator
@Bean @DependsOn("springSecurityFilterChain") public WebInvocationPrivilegeEvaluator privilegeEvaluator()Creates theWebInvocationPrivilegeEvaluator
that is necessary to evaluate privileges for a given web URI- Returns:
- the
WebInvocationPrivilegeEvaluator
-
setFilterChainProxySecurityConfigurer
@Autowired(required=false) public void setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object> objectPostProcessor, org.springframework.beans.factory.config.ConfigurableListableBeanFactory beanFactory) throws Exception Sets the<SecurityConfigurer<FilterChainProxy, WebSecurityBuilder>
instances used to create the web configuration.- Parameters:
objectPostProcessor
- theObjectPostProcessor
used to create aWebSecurity
instancebeanFactory
- the bean factory to use to retrieve the relevant<SecurityConfigurer<FilterChainProxy, WebSecurityBuilder>
instances used to create the web configuration- Throws:
Exception
-
conversionServicePostProcessor
@Bean public static org.springframework.beans.factory.config.BeanFactoryPostProcessor conversionServicePostProcessor() -
setImportMetadata
public void setImportMetadata(org.springframework.core.type.AnnotationMetadata importMetadata) - Specified by:
setImportMetadata
in interfaceorg.springframework.context.annotation.ImportAware
-
setBeanClassLoader
- Specified by:
setBeanClassLoader
in interfaceorg.springframework.beans.factory.BeanClassLoaderAware
-