Package io.dialob.boot.security
Class ApiServiceSecurityConfigurer
- java.lang.Object
-
- org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- io.dialob.boot.security.AbstractWebSecurityConfigurer
-
- io.dialob.boot.security.AbstractApiSecurityConfigurer
-
- io.dialob.boot.security.ApiServiceSecurityConfigurer
-
- All Implemented Interfaces:
org.springframework.core.Ordered,org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>,org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
public class ApiServiceSecurityConfigurer extends AbstractApiSecurityConfigurer
-
-
Field Summary
Fields Modifier and Type Field Description static org.springframework.security.web.util.matcher.RequestMatcherSESSION_NOT_EXISTS_MATCHER-
Fields inherited from class io.dialob.boot.security.AbstractApiSecurityConfigurer
ALLOW_SAME_ORIGIN, PERMIT_ALL, SESSION_EXISTS_MATCHER
-
-
Constructor Summary
Constructors Constructor Description ApiServiceSecurityConfigurer(ClientApiKeyService apiKeyService, ApiKeyAuthoritiesProvider apiKeyAuthoritiesProvider, ApiKeyValidator apiKeyValidator, DialobSettings settings, io.dialob.security.key.ServletRequestApiKeyExtractor keyRequestExtractor, TenantAccessEvaluator tenantPermissionEvaluator, AuthenticationStrategy authenticationStrategy, boolean allRequests)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected ApiKeyAuthenticationProviderapiKeyAuthenticationProvider(ClientApiKeyService apiKeyService, ApiKeyAuthoritiesProvider apiKeyAuthoritiesProvider, ApiKeyValidator apiRequestValidator)protected org.springframework.security.web.util.matcher.RequestMatcherapiKeyRequestMatcher()protected voidconfigure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)protected org.springframework.security.config.annotation.web.builders.HttpSecurityconfigureAuthentication(org.springframework.security.config.annotation.web.builders.HttpSecurity http)protected org.springframework.security.config.annotation.web.builders.HttpSecurityconfigureCsrf(org.springframework.security.config.annotation.web.builders.HttpSecurity http)protected org.springframework.security.config.annotation.web.builders.HttpSecurityconfigureFrameOptions(org.springframework.security.config.annotation.web.builders.HttpSecurity http)protected org.springframework.security.config.annotation.web.builders.HttpSecurityconfigureMDCPrincipalFilter(org.springframework.security.config.annotation.web.builders.HttpSecurity http)protected org.springframework.security.web.util.matcher.RequestMatcherrequestMatcher()-
Methods inherited from class io.dialob.boot.security.AbstractApiSecurityConfigurer
configurePermissions, getTenantRequiredMatcher
-
Methods inherited from class io.dialob.boot.security.AbstractWebSecurityConfigurer
configure, configureAuthenticationManager, configureCors, configureLogout, configureRequestParameterTenantScopeFilter, getContextPath, getDefaultTenantSupplier, getOrder, getRequestParameterTenantScopeFilter, getTenantPermissionEvaluator, withOrder
-
Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean
-
-
-
-
Constructor Detail
-
ApiServiceSecurityConfigurer
public ApiServiceSecurityConfigurer(@NonNull ClientApiKeyService apiKeyService, @NonNull ApiKeyAuthoritiesProvider apiKeyAuthoritiesProvider, @NonNull ApiKeyValidator apiKeyValidator, @NonNull DialobSettings settings, @NonNull io.dialob.security.key.ServletRequestApiKeyExtractor keyRequestExtractor, @NonNull TenantAccessEvaluator tenantPermissionEvaluator, @NonNull AuthenticationStrategy authenticationStrategy, @NonNull boolean allRequests)
-
-
Method Detail
-
apiKeyRequestMatcher
protected org.springframework.security.web.util.matcher.RequestMatcher apiKeyRequestMatcher()
-
requestMatcher
protected org.springframework.security.web.util.matcher.RequestMatcher requestMatcher()
- Overrides:
requestMatcherin classAbstractWebSecurityConfigurer
-
configureAuthentication
protected org.springframework.security.config.annotation.web.builders.HttpSecurity configureAuthentication(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception- Overrides:
configureAuthenticationin classAbstractWebSecurityConfigurer- Throws:
Exception
-
configureCsrf
protected org.springframework.security.config.annotation.web.builders.HttpSecurity configureCsrf(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception- Overrides:
configureCsrfin classAbstractWebSecurityConfigurer- Throws:
Exception
-
configureFrameOptions
protected org.springframework.security.config.annotation.web.builders.HttpSecurity configureFrameOptions(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception- Overrides:
configureFrameOptionsin classAbstractWebSecurityConfigurer- Throws:
Exception
-
apiKeyAuthenticationProvider
protected ApiKeyAuthenticationProvider apiKeyAuthenticationProvider(@NonNull ClientApiKeyService apiKeyService, @NonNull ApiKeyAuthoritiesProvider apiKeyAuthoritiesProvider, @NonNull ApiKeyValidator apiRequestValidator)
-
configure
protected void configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth) throws Exception- Overrides:
configurein classAbstractWebSecurityConfigurer- Throws:
Exception
-
configureMDCPrincipalFilter
protected org.springframework.security.config.annotation.web.builders.HttpSecurity configureMDCPrincipalFilter(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception- Overrides:
configureMDCPrincipalFilterin classAbstractWebSecurityConfigurer- Throws:
Exception
-
-