Package io.jmix.securityflowui

Class FlowuiSecurityConfiguration

java.lang.Object
io.jmix.securityflowui.FlowuiSecurityConfiguration
Direct Known Subclasses:
SecurityFlowuiAutoConfiguration.DefaultFlowuiSecurityConfiguration
public class FlowuiSecurityConfiguration extends Object

  • Field Details

    • LOGOUT_URL

      public static final String LOGOUT_URL
      See Also:

    • LOGOUT_SUCCESS_URL

      public static final String LOGOUT_SUCCESS_URL
      See Also:

    • SECURITY_CONFIGURER_QUALIFIER

      public static final String SECURITY_CONFIGURER_QUALIFIER
      See Also:

    • vaadinDefaultRequestCache

      protected com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache

    • configurationProperties

      protected com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties

    • requestUtil

      protected com.vaadin.flow.spring.security.RequestUtil requestUtil

    • viewAccessChecker

      protected FlowuiViewAccessChecker viewAccessChecker

    • flowuiProperties

      protected FlowuiProperties flowuiProperties

    • viewRegistry

      protected ViewRegistry viewRegistry

  • Constructor Details

    • FlowuiSecurityConfiguration

      public FlowuiSecurityConfiguration()

  • Method Details

    • setVaadinDefaultRequestCache

      @Autowired public void setVaadinDefaultRequestCache(com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache)

    • setConfigurationProperties

      @Autowired public void setConfigurationProperties(com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties)

    • setRequestUtil

      @Autowired public void setRequestUtil(com.vaadin.flow.spring.security.RequestUtil requestUtil)

    • setViewAccessChecker

      @Autowired public void setViewAccessChecker(FlowuiViewAccessChecker viewAccessChecker)

    • setFlowuiProperties

      @Autowired public void setFlowuiProperties(FlowuiProperties flowuiProperties)

    • setViewRegistry

      @Autowired public void setViewRegistry(ViewRegistry viewRegistry)

    • webSecurityCustomizer

      @Bean public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer webSecurityCustomizer()
      The paths listed as "ignoring" in this method are handled without any Spring Security involvement. They have no access to any security context etc.

    • securityFilterChain

      @Bean("sec_FlowUiSecurityFilterChain") @Order(400) public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception

    • providerManager

      @Bean("sec_AuthenticationManager") public org.springframework.security.authentication.AuthenticationManager providerManager(StandardAuthenticationProvidersProducer providersProducer, org.springframework.security.authentication.AuthenticationEventPublisher authenticationEventPublisher)

    • authenticationEventPublisher

      @Bean("sec_AuthenticationEventPublisher") public org.springframework.security.authentication.DefaultAuthenticationEventPublisher authenticationEventPublisher(org.springframework.context.ApplicationEventPublisher publisher)

    • initLoginView

      protected void initLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception

    • getDefaultHttpSecurityPermitMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultHttpSecurityPermitMatcher(String urlMapping)
      Matcher for framework internal requests, with Vaadin servlet mapped on the given path.
      Parameters:
      urlMapping - url mapping for the Vaadin servlet.
      Returns:
      default HttpSecurity bypass matcher

    • getDefaultWebSecurityIgnoreMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultWebSecurityIgnoreMatcher(String urlMapping)
      Matcher for Vaadin static (public) resources, with Vaadin servlet mapped on the given path.

      Assumes Vaadin servlet to be mapped on root path (/*).

      Parameters:
      urlMapping - the url mapping for the Vaadin servlet
      Returns:
      default WebSecurity ignore matcher

    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId) throws Exception
      Throws:
      Exception

    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId, String logoutUrl) throws Exception
      Throws:
      Exception

    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> viewClass) throws Exception
      Throws:
      Exception

    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> viewClass, String logoutUrl) throws Exception
      Throws:
      Exception

    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl)

    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl, String httpMethod)

    • createSuccessHandler

      protected com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler createSuccessHandler(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

    • createAccessDeniedHandler

      protected org.springframework.security.web.access.AccessDeniedHandler createAccessDeniedHandler()

    • getUrlMapping

      public String getUrlMapping()

    • applyUrlMapping

      public String applyUrlMapping(String path)
      Prepends to the given path with the configured url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Parameters:
      path - a path
      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()

    • applyUrlMapping

      public static String applyUrlMapping(@Nullable String urlMapping, @Nullable String path)
      Prepends to the given path with the servlet path prefix from input url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Parameters:
      path - a path
      urlMapping - url mapping
      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()