Class X509Configurer<H extends HttpSecurityBuilder<H>>

  • All Implemented Interfaces:

    public final class X509Configurer<H extends HttpSecurityBuilder<H>>
    extends AbstractHttpConfigurer<X509Configurer<H>,​H>
    Adds X509 based pre authentication to an application. Since validating the certificate happens when the client connects, the requesting and validation of the client certificate should be performed by the container. Spring Security will then use the certificate to look up the Authentication for the user.

    Security Filters

    The following Filters are populated

    • X509AuthenticationFilter

    Shared Objects Created

    The following shared objects are created

    Shared Objects Used

    The following shared objects are used:

    • A UserDetailsService shared object is used if no AuthenticationUserDetailsService is specified
    • Constructor Detail

    • Method Detail

      • x509AuthenticationFilter

        public X509Configurer<H> x509AuthenticationFilter​( x509AuthenticationFilter)
        Allows specifying the entire X509AuthenticationFilter. If this is specified, the properties on X509Configurer will not be populated on the X509AuthenticationFilter.
        x509AuthenticationFilter - the X509AuthenticationFilter to use
        the X509Configurer for further customizations
      • x509PrincipalExtractor

        public X509Configurer<H> x509PrincipalExtractor​( x509PrincipalExtractor)
        Specifies the X509PrincipalExtractor
        x509PrincipalExtractor - the X509PrincipalExtractor to use
        the X509Configurer to use
      • authenticationDetailsSource

        public X509Configurer<H> authenticationDetailsSource​(<javax.servlet.http.HttpServletRequest,​> authenticationDetailsSource)
        Specifies the AuthenticationDetailsSource
        authenticationDetailsSource - the AuthenticationDetailsSource to use
        the X509Configurer to use
      • authenticationUserDetailsService

        public X509Configurer<H> authenticationUserDetailsService​(<> authenticationUserDetailsService)
        Specifies the AuthenticationUserDetailsService to use. If not specified, the shared UserDetailsService will be used to create a UserDetailsByNameServiceWrapper. If a SecurityFilterChain bean is used instead of the WebSecurityConfigurerAdapter, then the UserDetailsService bean will be used by default.
        authenticationUserDetailsService - the AuthenticationUserDetailsService to use
        the X509Configurer for further customizations
      • subjectPrincipalRegex

        public X509Configurer<H> subjectPrincipalRegex​(java.lang.String subjectPrincipalRegex)
        Specifies the regex to extract the principal from the certificate. If not specified, the default expression from SubjectDnX509PrincipalExtractor is used.
        subjectPrincipalRegex - the regex to extract the user principal from the certificate (i.e. "CN=(.*?)(?:,|$)").
        the X509Configurer for further customizations