Package sk.iway.iwcm.system.spring
Class SpringSecurityConf
java.lang.Object
sk.iway.iwcm.system.spring.SpringSecurityConf
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(securedEnabled=true,
prePostEnabled=true)
public class SpringSecurityConf
extends Object
-
Constructor Summary
Constructors -
Method Summary
Modifier and Type | Method | Description
org.springframework.security.oauth2.client.OAuth2AuthorizedClientService | authorizedClientService(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository) |
org.springframework.security.oauth2.client.registration.ClientRegistrationRepository | clientRegistrationRepository() |
protected void | configureSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String className) |
org.springframework.security.web.SecurityFilterChain | filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http, org.springframework.security.web.webauthn.management.UserCredentialRepository passkeyUserCredentialRepository, org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository passkeyUserEntityRepository, org.springframework.security.core.userdetails.UserDetailsService webauthnUserDetailsService) |
static boolean | isBasicAuthEnabled() | Returns true if Basic Auth is enabled, it is initialized on startup, so tests can't rely on springSecurityAllowedAuths conf value
org.springframework.security.crypto.password.PasswordEncoder | passwordEncoder() | Custom PasswordEncoder that delegates to Spring's default DelegatingPasswordEncoder, but catches IllegalArgumentException thrown when trying to match an encoded password with an unknown format (i.e. …
org.springframework.security.web.firewall.HttpFirewall | webjetHttpFirewall() |
-
Constructor Details
-
SpringSecurityConf
public SpringSecurityConf()
-
-
Method Details
-
passwordEncoder
@Bean public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()
Custom PasswordEncoder that delegates to Spring's default DelegatingPasswordEncoder, but catches the IllegalArgumentException thrown when trying to match an encoded password with an unknown format (i.e. a missing or unrecognized id prefix such as {bcrypt}) and treats it as a non-match instead of throwing an exception. This allows us to support legacy passwords without a prefix, while still using the more secure DelegatingPasswordEncoder for new passwords. Because an unknown format is treated as a non-match, this encoder fails closed: a stored password without a recognized prefix is rejected here, never accepted.
-
filterChain
@Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http, @Autowired(required=false) org.springframework.security.web.webauthn.management.UserCredentialRepository passkeyUserCredentialRepository, @Autowired(required=false) org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository passkeyUserEntityRepository, @Autowired(required=false) @Qualifier("webauthnUserDetailsService") org.springframework.security.core.userdetails.UserDetailsService webauthnUserDetailsService) throws Exception - Throws:
Exception
-
webjetHttpFirewall
@Bean public org.springframework.security.web.firewall.HttpFirewall webjetHttpFirewall() -
configureSecurity
protected void configureSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String className) -
isBasicAuthEnabled
public static boolean isBasicAuthEnabled()
Returns true if Basic Auth is enabled. The value is initialized on startup, so tests can't rely on the springSecurityAllowedAuths conf value.
- Returns:
-
clientRegistrationRepository
@Bean public org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository() -
authorizedClientService
@Bean public org.springframework.security.oauth2.client.OAuth2AuthorizedClientService authorizedClientService(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)
-