Package org.springframework.security.config.annotation.web.configurers

Class JeeConfigurer<H extends HttpSecurityBuilder<H>>

java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<JeeConfigurer<H>,H>
org.springframework.security.config.annotation.web.configurers.JeeConfigurer<H>
All Implemented Interfaces:
SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H>
public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<JeeConfigurer<H>,H>
Adds support for J2EE pre authentication.

Security Filters

The following Filters are populated
  • J2eePreAuthenticatedProcessingFilter

Shared Objects Created

Shared Objects Used

The following shared objects are used:
  • AuthenticationManager
Since:
3.2

  • Constructor Details

    • JeeConfigurer

      public JeeConfigurer()
      Creates a new instance
      See Also:

  • Method Details

    • mappableAuthorities

      public JeeConfigurer<H> mappableAuthorities(String... mappableRoles)
      Specifies roles to use map from the HttpServletRequest to the UserDetails. If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This method is the equivalent of invoking mappableAuthorities(Set). Multiple invocations of mappableAuthorities(String...) will override previous invocations.

      There are no default roles that are mapped.

      Parameters:
      mappableRoles - the roles to attempt to map to the UserDetails (i.e. "ROLE_USER", "ROLE_ADMIN", etc).
      Returns:
      the JeeConfigurer for further customizations
      See Also:

    • mappableRoles

      public JeeConfigurer<H> mappableRoles(String... mappableRoles)
      Specifies roles to use map from the HttpServletRequest to the UserDetails and automatically prefixes it with "ROLE_". If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This method is the equivalent of invoking mappableAuthorities(Set). Multiple invocations of mappableRoles(String...) will override previous invocations.

      There are no default roles that are mapped.

      Parameters:
      mappableRoles - the roles to attempt to map to the UserDetails (i.e. "USER", "ADMIN", etc).
      Returns:
      the JeeConfigurer for further customizations
      See Also:

    • mappableAuthorities

      public JeeConfigurer<H> mappableAuthorities(Set<String> mappableRoles)
      Specifies roles to use map from the HttpServletRequest to the UserDetails. If HttpServletRequest.isUserInRole(String) returns true, the role is added to the UserDetails. This is the equivalent of mappableRoles(String...). Multiple invocations of mappableAuthorities(Set) will override previous invocations.

      There are no default roles that are mapped.

      Parameters:
      mappableRoles - the roles to attempt to map to the UserDetails.
      Returns:
      the JeeConfigurer for further customizations
      See Also:
      • SimpleMappableAttributesRetriever

    • authenticatedUserDetailsService

      public JeeConfigurer<H> authenticatedUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken> authenticatedUserDetailsService)
      Specifies the AuthenticationUserDetailsService that is used with the PreAuthenticatedAuthenticationProvider. The default is a PreAuthenticatedGrantedAuthoritiesUserDetailsService.
      Parameters:
      authenticatedUserDetailsService - the AuthenticationUserDetailsService to use.
      Returns:
      the JeeConfigurer for further configuration

    • j2eePreAuthenticatedProcessingFilter

      public JeeConfigurer<H> j2eePreAuthenticatedProcessingFilter(org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter j2eePreAuthenticatedProcessingFilter)
      Allows specifying the J2eePreAuthenticatedProcessingFilter to use. If J2eePreAuthenticatedProcessingFilter is provided, all of its attributes must also be configured manually (i.e. all attributes populated in the JeeConfigurer are not used).
      Parameters:
      j2eePreAuthenticatedProcessingFilter - the J2eePreAuthenticatedProcessingFilter to use.
      Returns:
      the JeeConfigurer for further configuration

    • init

      public void init(H http)
      Populates a PreAuthenticatedAuthenticationProvider into HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider) and a Http403ForbiddenEntryPoint into HttpSecurityBuilder.setSharedObject(Class, Object)
      Specified by:
      init in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      Overrides:
      init in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      See Also:

    • configure

      public void configure(H http)
      Description copied from interface: SecurityConfigurer
      Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
      Specified by:
      configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      Overrides:
      configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>