Package org.springframework.security.config.annotation.web.configurers

Class SecurityContextConfigurer<H extends HttpSecurityBuilder<H>>

java.lang.Object

org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>

org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<SecurityContextConfigurer<H>,H>

org.springframework.security.config.annotation.web.configurers.SecurityContextConfigurer<H>

All Implemented Interfaces:

SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H>

public final class SecurityContextConfigurer<H extends HttpSecurityBuilder<H>>
extends AbstractHttpConfigurer<SecurityContextConfigurer<H>,H>

Allows persisting and restoring of the SecurityContext found on the SecurityContextHolder for each request by configuring the SecurityContextPersistenceFilter. All properties have reasonable defaults, so no additional configuration is required other than applying this SecurityConfigurer.

Security Filters

The following Filters are populated

• SecurityContextPersistenceFilter

Shared Objects Created

No shared objects are created.

Shared Objects Used

The following shared objects are used:

• If SessionManagementConfigurer, is provided and set to always, then the SecurityContextPersistenceFilter.setForceEagerSessionCreation(boolean) will be set to true.
• SecurityContextRepository must be set and is used on SecurityContextPersistenceFilter.

Since:

3.2

Constructor Summary

Constructors

Constructor	Description
SecurityContextConfigurer()	Creates a new instance

Method Summary

Modifier and Type	Method	Description
void	configure(H http)	Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
SecurityContextConfigurer<H>	requireExplicitSave(boolean requireExplicitSave)
SecurityContextConfigurer<H>	securityContextRepository(org.springframework.security.web.context.SecurityContextRepository securityContextRepository)	Specifies the shared SecurityContextRepository that is to be used

Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer

disable, getSecurityContextHolderStrategy, withObjectPostProcessor

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityContextConfigurer

public SecurityContextConfigurer()

Creates a new instance

See Also:

• HttpSecurity.securityContext()

Method Details

securityContextRepository

public SecurityContextConfigurer<H> securityContextRepository(org.springframework.security.web.context.SecurityContextRepository securityContextRepository)

Specifies the shared SecurityContextRepository that is to be used

Parameters:

securityContextRepository - the SecurityContextRepository to use

Returns:

the HttpSecurity for further customizations

requireExplicitSave

public SecurityContextConfigurer<H> requireExplicitSave(boolean requireExplicitSave)

configure

public void configure(H http)

Description copied from interface: SecurityConfigurer

Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Specified by:

configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>

Overrides:

configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>