Package io.jmix.securityflowui
Class FlowuiSecurityConfiguration
java.lang.Object
io.jmix.securityflowui.FlowuiSecurityConfiguration
- Direct Known Subclasses:
SecurityFlowuiAutoConfiguration.DefaultFlowuiSecurityConfiguration
-
Nested Class Summary
Modifier and TypeClassDescriptionprotected static class
-
Field Summary
Modifier and TypeFieldDescriptionprotected org.springframework.context.ApplicationContext
protected com.vaadin.flow.spring.VaadinConfigurationProperties
static final String
static final String
protected com.vaadin.flow.spring.security.RequestUtil
static final String
protected org.springframework.boot.autoconfigure.web.ServerProperties
protected UiProperties
protected com.vaadin.flow.spring.security.VaadinDefaultRequestCache
protected UiViewAccessChecker
protected ViewRegistry
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionapplyUrlMapping
(String path) Prepends to the givenpath
with the configured url mapping.static String
applyUrlMapping
(String urlMapping, String path) Prepends to the givenpath
with the servlet path prefix from input url mapping.protected void
configure
(org.springframework.security.config.annotation.web.builders.HttpSecurity http) protected org.springframework.security.web.access.AccessDeniedHandler
protected org.springframework.security.web.util.matcher.RequestMatcher
createLogoutRequestMatcher
(String logoutUrl) protected org.springframework.security.web.util.matcher.RequestMatcher
createLogoutRequestMatcher
(String logoutUrl, String httpMethod) protected com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler
createSuccessHandler
(org.springframework.security.config.annotation.web.builders.HttpSecurity http) static org.springframework.security.web.util.matcher.RequestMatcher
getDefaultHttpSecurityPermitMatcher
(String urlMapping) Matcher for framework internal requests, with Vaadin servlet mapped on the given path.static org.springframework.security.web.util.matcher.RequestMatcher
getDefaultWebSecurityIgnoreMatcher
(String urlMapping) Matcher for Vaadin static (public) resources, with Vaadin servlet mapped on the given path.protected void
initLoginView
(org.springframework.security.config.annotation.web.builders.HttpSecurity http) org.springframework.security.web.SecurityFilterChain
securityFilterChain
(org.springframework.security.config.annotation.web.builders.HttpSecurity http) void
setApplicationContext
(org.springframework.context.ApplicationContext applicationContext) void
setConfigurationProperties
(com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties) protected void
setLoginView
(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> viewClass) protected void
setLoginView
(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> loginViewClass, String logoutUrl) protected void
setLoginView
(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId) protected void
setLoginView
(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId, String logoutUrl) void
setRequestUtil
(com.vaadin.flow.spring.security.RequestUtil requestUtil) void
setServerProperties
(org.springframework.boot.autoconfigure.web.ServerProperties serverProperties) void
setUiProperties
(UiProperties uiProperties) void
setVaadinDefaultRequestCache
(com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache) void
setViewAccessChecker
(UiViewAccessChecker viewAccessChecker) void
setViewRegistry
(ViewRegistry viewRegistry) org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer
The paths listed as "ignoring" in this method are handled without any Spring Security involvement.
-
Field Details
-
LOGOUT_URL
- See Also:
-
LOGOUT_SUCCESS_URL
- See Also:
-
SECURITY_CONFIGURER_QUALIFIER
- See Also:
-
applicationContext
protected org.springframework.context.ApplicationContext applicationContext -
vaadinDefaultRequestCache
protected com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache -
configurationProperties
protected com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties -
requestUtil
protected com.vaadin.flow.spring.security.RequestUtil requestUtil -
viewAccessChecker
-
uiProperties
-
viewRegistry
-
serverProperties
protected org.springframework.boot.autoconfigure.web.ServerProperties serverProperties
-
-
Constructor Details
-
FlowuiSecurityConfiguration
public FlowuiSecurityConfiguration()
-
-
Method Details
-
setApplicationContext
@Autowired public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) -
setVaadinDefaultRequestCache
@Autowired public void setVaadinDefaultRequestCache(com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache) -
setConfigurationProperties
@Autowired public void setConfigurationProperties(com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties) -
setRequestUtil
@Autowired public void setRequestUtil(com.vaadin.flow.spring.security.RequestUtil requestUtil) -
setViewAccessChecker
-
setUiProperties
-
setViewRegistry
-
setServerProperties
@Autowired public void setServerProperties(org.springframework.boot.autoconfigure.web.ServerProperties serverProperties) -
webSecurityCustomizer
@Bean public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer webSecurityCustomizer()The paths listed as "ignoring" in this method are handled without any Spring Security involvement. They have no access to any security context etc. -
securityFilterChain
@Bean("sec_UiSecurityFilterChain") @Order(400) public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception - Throws:
Exception
-
configure
protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception - Throws:
Exception
-
initLoginView
protected void initLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception - Throws:
Exception
-
getDefaultHttpSecurityPermitMatcher
public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultHttpSecurityPermitMatcher(String urlMapping) Matcher for framework internal requests, with Vaadin servlet mapped on the given path.- Parameters:
urlMapping
- url mapping for the Vaadin servlet.- Returns:
- default
HttpSecurity
bypass matcher
-
getDefaultWebSecurityIgnoreMatcher
public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultWebSecurityIgnoreMatcher(String urlMapping) Matcher for Vaadin static (public) resources, with Vaadin servlet mapped on the given path.Assumes Vaadin servlet to be mapped on root path (/*).
- Parameters:
urlMapping
- the url mapping for the Vaadin servlet- Returns:
- default
WebSecurity
ignore matcher
-
setLoginView
protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId) throws Exception - Throws:
Exception
-
setLoginView
protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId, String logoutUrl) throws Exception - Throws:
Exception
-
setLoginView
protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> viewClass) throws Exception - Throws:
Exception
-
setLoginView
protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> loginViewClass, String logoutUrl) throws Exception - Throws:
Exception
-
createLogoutRequestMatcher
protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl) -
createLogoutRequestMatcher
-
createSuccessHandler
protected com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler createSuccessHandler(org.springframework.security.config.annotation.web.builders.HttpSecurity http) -
createAccessDeniedHandler
protected org.springframework.security.web.access.AccessDeniedHandler createAccessDeniedHandler() -
getUrlMapping
-
applyUrlMapping
Prepends to the givenpath
with the configured url mapping.A
null
path is treated as empty string; the same applies for url mapping.- Parameters:
path
- a path- Returns:
- the path with prepended url mapping.
- See Also:
-
VaadinConfigurationProperties.getUrlMapping()
-
applyUrlMapping
Prepends to the givenpath
with the servlet path prefix from input url mapping.A
null
path is treated as empty string; the same applies for url mapping.- Parameters:
path
- a pathurlMapping
- url mapping- Returns:
- the path with prepended url mapping.
- See Also:
-
VaadinConfigurationProperties.getUrlMapping()
-