Package io.jmix.securityflowui

Class FlowuiSecurityConfiguration

java.lang.Object
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
io.jmix.security.StandardSecurityConfiguration
io.jmix.securityflowui.FlowuiSecurityConfiguration
All Implemented Interfaces:
org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>
Direct Known Subclasses:
SecurityFlowuiAutoConfiguration.DefaultFlowuiSecurityConfiguration
@Order(200) public class FlowuiSecurityConfiguration extends StandardSecurityConfiguration

  • Field Details

    • LOGOUT_URL

      public static final String LOGOUT_URL
      See Also:

    • LOGOUT_SUCCESS_URL

      public static final String LOGOUT_SUCCESS_URL
      See Also:

    • vaadinDefaultRequestCache

      protected com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache

    • configurationProperties

      protected com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties

    • requestUtil

      protected com.vaadin.flow.spring.security.RequestUtil requestUtil

    • screenAccessChecker

      protected FlowuiScreenAccessChecker screenAccessChecker

    • flowuiProperties

      protected FlowuiProperties flowuiProperties

    • screenRegistry

      protected ScreenRegistry screenRegistry

  • Constructor Details

    • FlowuiSecurityConfiguration

      public FlowuiSecurityConfiguration()

  • Method Details

    • setVaadinDefaultRequestCache

      @Autowired public void setVaadinDefaultRequestCache(com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache)

    • setConfigurationProperties

      @Autowired public void setConfigurationProperties(com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties)

    • setRequestUtil

      @Autowired public void setRequestUtil(com.vaadin.flow.spring.security.RequestUtil requestUtil)

    • setScreenAccessChecker

      @Autowired public void setScreenAccessChecker(FlowuiScreenAccessChecker screenAccessChecker)

    • setFlowuiProperties

      @Autowired public void setFlowuiProperties(FlowuiProperties flowuiProperties)

    • setScreenRegistry

      @Autowired public void setScreenRegistry(ScreenRegistry screenRegistry)

    • configure

      public void configure(org.springframework.security.config.annotation.web.builders.WebSecurity web) throws Exception
      The paths listed as "ignoring" in this method are handled without any Spring Security involvement. They have no access to any security context etc.

      Specified by:
      configure in interface org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>
      Overrides:
      configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
      Throws:
      Exception

    • configure

      protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Overrides:
      configure in class StandardSecurityConfiguration
      Throws:
      Exception

    • initLoginScreen

      protected void initLoginScreen(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception

    • getDefaultHttpSecurityPermitMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultHttpSecurityPermitMatcher(String urlMapping)
      Matcher for framework internal requests, with Vaadin servlet mapped on the given path.
      Parameters:
      urlMapping - url mapping for the Vaadin servlet.
      Returns:
      default HttpSecurity bypass matcher

    • getDefaultWebSecurityIgnoreMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultWebSecurityIgnoreMatcher(String urlMapping)
      Matcher for Vaadin static (public) resources, with Vaadin servlet mapped on the given path.

      Assumes Vaadin servlet to be mapped on root path (/*).

      Parameters:
      urlMapping - the url mapping for the Vaadin servlet
      Returns:
      default WebSecurity ignore matcher

    • setLoginScreen

      protected void setLoginScreen(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String screenId) throws Exception
      Throws:
      Exception

    • setLoginScreen

      protected void setLoginScreen(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String screenId, String logoutUrl) throws Exception
      Throws:
      Exception

    • setLoginScreen

      protected void setLoginScreen(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> screenClass) throws Exception
      Throws:
      Exception

    • setLoginScreen

      protected void setLoginScreen(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> screenClass, String logoutUrl) throws Exception
      Throws:
      Exception

    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl)

    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl, String httpMethod)

    • createSuccessHandler

      protected com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler createSuccessHandler(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

    • createAccessDeniedHandler

      protected org.springframework.security.web.access.AccessDeniedHandler createAccessDeniedHandler()

    • getUrlMapping

      public String getUrlMapping()

    • applyUrlMapping

      public String applyUrlMapping(String path)
      Prepends to the given path with the configured url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()

    • applyUrlMapping

      public static String applyUrlMapping(String urlMapping, String path)
      Prepends to the given path with the servlet path prefix from input url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()