Example usage for org.springframework.security.config.http HttpConfigurationBuilder getSessionCreationPolicy

List of usage examples for org.springframework.security.config.http HttpConfigurationBuilder getSessionCreationPolicy

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.http.*
  5. HttpConfigurationBuilder
  6. getSessionCreationPolicy

Introduction

In this page you can find the example usage for org.springframework.security.config.http HttpConfigurationBuilder getSessionCreationPolicy.

Prototype

SessionCreationPolicy getSessionCreationPolicy()

Source Link

Usage

From source file:org.springframework.security.config.http.HttpSecurityBeanDefinitionParser.java

/**
 * Creates the {@code SecurityFilterChain} bean from an <http> element.
 *///from   ww  w  .j  a  va2  s . com
private BeanReference createFilterChain(Element element, ParserContext pc) {
    boolean secured = !OPT_SECURITY_NONE.equals(element.getAttribute(ATT_SECURED));

    if (!secured) {
        if (!StringUtils.hasText(element.getAttribute(ATT_PATH_PATTERN))
                && !StringUtils.hasText(ATT_REQUEST_MATCHER_REF)) {
            pc.getReaderContext()
                    .error("The '" + ATT_SECURED + "' attribute must be used in combination with" + " the '"
                            + ATT_PATH_PATTERN + "' or '" + ATT_REQUEST_MATCHER_REF + "' attributes.",
                            pc.extractSource(element));
        }

        for (int n = 0; n < element.getChildNodes().getLength(); n++) {
            if (element.getChildNodes().item(n) instanceof Element) {
                pc.getReaderContext().error("If you are using <http> to define an unsecured pattern, "
                        + "it cannot contain child elements.", pc.extractSource(element));
            }
        }

        return createSecurityFilterChainBean(element, pc, Collections.emptyList());
    }

    final BeanReference portMapper = createPortMapper(element, pc);
    final BeanReference portResolver = createPortResolver(portMapper, pc);

    ManagedList<BeanReference> authenticationProviders = new ManagedList<>();
    BeanReference authenticationManager = createAuthenticationManager(element, pc, authenticationProviders);

    boolean forceAutoConfig = isDefaultHttpConfig(element);
    HttpConfigurationBuilder httpBldr = new HttpConfigurationBuilder(element, forceAutoConfig, pc, portMapper,
            portResolver, authenticationManager);

    AuthenticationConfigBuilder authBldr = new AuthenticationConfigBuilder(element, forceAutoConfig, pc,
            httpBldr.getSessionCreationPolicy(), httpBldr.getRequestCache(), authenticationManager,
            httpBldr.getSessionStrategy(), portMapper, portResolver, httpBldr.getCsrfLogoutHandler());

    httpBldr.setLogoutHandlers(authBldr.getLogoutHandlers());
    httpBldr.setEntryPoint(authBldr.getEntryPointBean());
    httpBldr.setAccessDeniedHandler(authBldr.getAccessDeniedHandlerBean());

    authenticationProviders.addAll(authBldr.getProviders());

    List<OrderDecorator> unorderedFilterChain = new ArrayList<>();

    unorderedFilterChain.addAll(httpBldr.getFilters());
    unorderedFilterChain.addAll(authBldr.getFilters());
    unorderedFilterChain.addAll(buildCustomFilterList(element, pc));

    Collections.sort(unorderedFilterChain, new OrderComparator());
    checkFilterChainOrder(unorderedFilterChain, pc, pc.extractSource(element));

    // The list of filter beans
    List<BeanMetadataElement> filterChain = new ManagedList<>();

    for (OrderDecorator od : unorderedFilterChain) {
        filterChain.add(od.bean);
    }

    return createSecurityFilterChainBean(element, pc, filterChain);
}