Example usage for org.springframework.security.config.http AuthenticationConfigBuilder AuthenticationConfigBuilder

List of usage examples for org.springframework.security.config.http AuthenticationConfigBuilder AuthenticationConfigBuilder

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.http.*
  5. AuthenticationConfigBuilder
  6. AuthenticationConfigBuilder

Introduction

In this page you can find the example usage for org.springframework.security.config.http AuthenticationConfigBuilder AuthenticationConfigBuilder.

Prototype

public AuthenticationConfigBuilder(Element element, boolean forceAutoConfig, ParserContext pc,
            SessionCreationPolicy sessionPolicy, BeanReference requestCache, BeanReference authenticationManager,
            BeanReference sessionStrategy, BeanReference portMapper, BeanReference portResolver,
            BeanMetadataElement csrfLogoutHandler)

Source Link

Usage

From source file:org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.java

/**
 * Creates the {@code SecurityFilterChain} bean from an <http> element.
 *///  w  ww  . j  ava2 s.co m
private BeanReference createFilterChain(Element element, ParserContext pc) {
    boolean secured = !OPT_SECURITY_NONE.equals(element.getAttribute(ATT_SECURED));

    if (!secured) {
        if (!StringUtils.hasText(element.getAttribute(ATT_PATH_PATTERN))
                && !StringUtils.hasText(ATT_REQUEST_MATCHER_REF)) {
            pc.getReaderContext()
                    .error("The '" + ATT_SECURED + "' attribute must be used in combination with" + " the '"
                            + ATT_PATH_PATTERN + "' or '" + ATT_REQUEST_MATCHER_REF + "' attributes.",
                            pc.extractSource(element));
        }

        for (int n = 0; n < element.getChildNodes().getLength(); n++) {
            if (element.getChildNodes().item(n) instanceof Element) {
                pc.getReaderContext().error("If you are using <http> to define an unsecured pattern, "
                        + "it cannot contain child elements.", pc.extractSource(element));
            }
        }

        return createSecurityFilterChainBean(element, pc, Collections.emptyList());
    }

    final BeanReference portMapper = createPortMapper(element, pc);
    final BeanReference portResolver = createPortResolver(portMapper, pc);

    ManagedList<BeanReference> authenticationProviders = new ManagedList<>();
    BeanReference authenticationManager = createAuthenticationManager(element, pc, authenticationProviders);

    boolean forceAutoConfig = isDefaultHttpConfig(element);
    HttpConfigurationBuilder httpBldr = new HttpConfigurationBuilder(element, forceAutoConfig, pc, portMapper,
            portResolver, authenticationManager);

    AuthenticationConfigBuilder authBldr = new AuthenticationConfigBuilder(element, forceAutoConfig, pc,
            httpBldr.getSessionCreationPolicy(), httpBldr.getRequestCache(), authenticationManager,
            httpBldr.getSessionStrategy(), portMapper, portResolver, httpBldr.getCsrfLogoutHandler());

    httpBldr.setLogoutHandlers(authBldr.getLogoutHandlers());
    httpBldr.setEntryPoint(authBldr.getEntryPointBean());
    httpBldr.setAccessDeniedHandler(authBldr.getAccessDeniedHandlerBean());

    authenticationProviders.addAll(authBldr.getProviders());

    List<OrderDecorator> unorderedFilterChain = new ArrayList<>();

    unorderedFilterChain.addAll(httpBldr.getFilters());
    unorderedFilterChain.addAll(authBldr.getFilters());
    unorderedFilterChain.addAll(buildCustomFilterList(element, pc));

    Collections.sort(unorderedFilterChain, new OrderComparator());
    checkFilterChainOrder(unorderedFilterChain, pc, pc.extractSource(element));

    // The list of filter beans
    List<BeanMetadataElement> filterChain = new ManagedList<>();

    for (OrderDecorator od : unorderedFilterChain) {
        filterChain.add(od.bean);
    }

    return createSecurityFilterChainBean(element, pc, filterChain);
}