Package se.bth.pulse.security

Class ApplicationSecurity

java.lang.Object
se.bth.pulse.security.ApplicationSecurity
@Configuration @EnableWebSecurity public class ApplicationSecurity extends Object
ApplicationSecurity class. Configures the security for the application. Also sets the password encoder and user details service. This class configures CSRF protection.

  • Constructor Summary

    Constructors
    Constructor
    Description
    ApplicationSecurity()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.authentication.dao.DaoAuthenticationProvider
    authenticationProvider()
    Configures the authentication provider.
    protected org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
    configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
    This configures a spring bean to use our customized authentication provider.
    org.springframework.security.web.SecurityFilterChain
    filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity, org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder mvc)
    Configures the security for the application.
    org.springframework.security.crypto.password.PasswordEncoder
    passwordEncoder()
     
    org.springframework.security.core.userdetails.UserDetailsService
    userDetailsService()
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • ApplicationSecurity

      public ApplicationSecurity()

  • Method Details

    • filterChain

      @Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity, org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher.Builder mvc) throws Exception
      Configures the security for the application. Including CSRF protection, authorization and authentication. Using paths it sets who is allowed to access what.
      Parameters:
      httpSecurity - HttpSecurity
      mvc - MvcRequestMatcher.Builder
      Returns:
      SecurityFilterChain
      Throws:
      Exception - Exception

    • passwordEncoder

      @Bean public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()

    • userDetailsService

      @Bean public org.springframework.security.core.userdetails.UserDetailsService userDetailsService()

    • authenticationProvider

      @Bean public org.springframework.security.authentication.dao.DaoAuthenticationProvider authenticationProvider()
      Configures the authentication provider. Sets our user details service to be used and Bcrypt password encoder. Returns a customized authentication provider.
      Returns:
      DaoAuthenticationProvider

    • configure

      @Bean @Primary protected org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
      This configures a spring bean to use our customized authentication provider. It needs to be set as Primary to be used, otherwise it will use the default one.
      Parameters:
      auth - AuthenticationManagerBuilder
      Returns:
      AuthenticationManagerBuilder