Class SecurityConfig
- java.lang.Object
-
- org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
- io.mosip.kernel.auth.defaultadapter.config.SecurityConfig
-
- All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>,org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled=true) @Order(2) public class SecurityConfig extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapterHolds the main configuration for authentication and authorization using spring security. Inclusions: 1. AuthenticationManager bean configuration: a. This is assigned an authProvider that we implemented. This option can include multiple auth providers if necessary based on the requirement. b. RETURNS an instance of the ProviderManager. 2. AuthFilter bean configuration: a. This extends AbstractAuthenticationProcessingFilter. b. Instance of the AuthFilter is created. c. This filter comes in line after the AuthHeadersFilter. d. Binds the AuthenticationManager instance created with the filter. e. Binds the AuthSuccessHandler created with the filter. f. RETURNS an instance of the AuthFilter. 3. RestTemplate bean configuration: a. Binds the ClientInterceptor instance with the RestTemplate instance created. b. RETURNS an instance of the RestTemplate. 4. Secures endpoints using antMatchers and adds filters in a sequence for execution.- Since:
- 1.0.0
- Author:
- Sabbu Uday Kumar, Ramadurai Saravana Pandian, Raj Jha, Urvil Joshi
-
-
Constructor Summary
Constructors Constructor Description SecurityConfig()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description org.springframework.security.authentication.AuthenticationManagerauthenticationManager()org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilterauthFilter()protected voidconfigure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)org.springframework.boot.web.servlet.FilterRegistrationBean<org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter>registration(org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter filter)-
Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
authenticationManagerBean, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean
-
-
-
-
Method Detail
-
authenticationManager
@Bean public org.springframework.security.authentication.AuthenticationManager authenticationManager()
- Overrides:
authenticationManagerin classorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
-
authFilter
@Bean public org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter authFilter()
-
registration
@Bean public org.springframework.boot.web.servlet.FilterRegistrationBean<org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter> registration(org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter filter)
-
-