Package es.kukenan.smartfi.springboot.config.security

Class WebSecurityConfigurer

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

es.kukenan.smartfi.springboot.config.security.WebSecurityConfigurer

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled=true,
                            securedEnabled=true)
public class WebSecurityConfigurer
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

REST API security configuration.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private class	WebSecurityConfigurer.CustomAccessDeniedHandler	Access denied handler to configure how access denied errors are managed (a response is created by the RestExceptionHandler.
private class	WebSecurityConfigurer.CustomAuthenticationEntryPoint	Authentication error handler to configure how authentication errors are managed (a response is created by the RestExceptionHandler.

Field Summary

Fields

Modifier and Type	Field	Description
private ContextPropagationInFilter	contextPropagationInFilter	Context propagation filter.
private static final CustomObjectMapper	customObjectMapper	Object mapper used to serialize http response bodies.
private RestExceptionHandler	exceptionHandler	The RestExceptionHandler.
private JwtAuthorizationFilter	jwtAuthorizationFilter	JWT authorization filter.
private WebSecurityConfigurerCustomizer	webSecurityConfigurerCustomizer	WebSecurityConfigurerCustomizer.

Constructor Summary

Constructors

Constructor	Description
WebSecurityConfigurer()

Method Summary

Modifier and Type	Method	Description
protected void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
(package private) void	doDefaultConfigure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)	Default web security configuration.
private javax.servlet.Filter	exceptionHandlerFilter()
private void	handleResponse(org.springframework.http.ResponseEntity<Object> response, javax.servlet.http.HttpServletResponse httpServletResponse)	Handles a response created at the RestExceptionHandler and writes the required http json error response.
private void	outputResponse(org.springframework.http.ResponseEntity<Object> responseEntity, javax.servlet.http.HttpServletResponse httpServletResponse)	Write the given response entity to the http servlet response.

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, authenticationManagerBean, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

customObjectMapper

private static final CustomObjectMapper customObjectMapper

Object mapper used to serialize http response bodies.

exceptionHandler

@Autowired
private RestExceptionHandler exceptionHandler

The RestExceptionHandler.

contextPropagationInFilter

@Autowired
private ContextPropagationInFilter contextPropagationInFilter

Context propagation filter.

jwtAuthorizationFilter

@Autowired
private JwtAuthorizationFilter jwtAuthorizationFilter

JWT authorization filter.

webSecurityConfigurerCustomizer

@Nullable
@Autowired
private WebSecurityConfigurerCustomizer webSecurityConfigurerCustomizer

WebSecurityConfigurerCustomizer.

Constructor Details

WebSecurityConfigurer

public WebSecurityConfigurer()

Method Details

configure

protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

doDefaultConfigure

void doDefaultConfigure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                 throws Exception

Default web security configuration.

Parameters:

http - HttpSecurity instance.

Throws:

Exception - if any exception is thrown.

handleResponse

private void handleResponse(org.springframework.http.ResponseEntity<Object> response,
 javax.servlet.http.HttpServletResponse httpServletResponse)
                     throws IOException

Handles a response created at the RestExceptionHandler and writes the required http json error response.

Parameters:

response - the response created at RestExceptionHandler.

httpServletResponse - the HttpServletResponse.

Throws:

IOException - if an exception is thrown writing the response to the output stream.

exceptionHandlerFilter

private javax.servlet.Filter exceptionHandlerFilter()

outputResponse

private void outputResponse(org.springframework.http.ResponseEntity<Object> responseEntity,
 javax.servlet.http.HttpServletResponse httpServletResponse)

Write the given response entity to the http servlet response.

Parameters:

responseEntity - the response entity.

httpServletResponse - the http servlet request.