Class FlowuiSecurityConfiguration

java.lang.Object
io.jmix.securityflowui.FlowuiSecurityConfiguration
Direct Known Subclasses:
SecurityFlowuiAutoConfiguration.DefaultFlowuiSecurityConfiguration

public class FlowuiSecurityConfiguration extends Object
  • Field Details

    • LOGOUT_URL

      public static final String LOGOUT_URL
      See Also:
    • LOGOUT_SUCCESS_URL

      public static final String LOGOUT_SUCCESS_URL
      See Also:
    • SECURITY_CONFIGURER_QUALIFIER

      public static final String SECURITY_CONFIGURER_QUALIFIER
      See Also:
    • applicationContext

      protected org.springframework.context.ApplicationContext applicationContext
    • vaadinDefaultRequestCache

      protected com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache
    • configurationProperties

      protected com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties
    • requestUtil

      protected com.vaadin.flow.spring.security.RequestUtil requestUtil
    • viewAccessChecker

      protected UiViewAccessChecker viewAccessChecker
    • uiProperties

      protected UiProperties uiProperties
    • viewRegistry

      protected ViewRegistry viewRegistry
    • serverProperties

      protected org.springframework.boot.autoconfigure.web.ServerProperties serverProperties
  • Constructor Details

    • FlowuiSecurityConfiguration

      public FlowuiSecurityConfiguration()
  • Method Details

    • setApplicationContext

      @Autowired public void setApplicationContext(org.springframework.context.ApplicationContext applicationContext)
    • setVaadinDefaultRequestCache

      @Autowired public void setVaadinDefaultRequestCache(com.vaadin.flow.spring.security.VaadinDefaultRequestCache vaadinDefaultRequestCache)
    • setConfigurationProperties

      @Autowired public void setConfigurationProperties(com.vaadin.flow.spring.VaadinConfigurationProperties configurationProperties)
    • setRequestUtil

      @Autowired public void setRequestUtil(com.vaadin.flow.spring.security.RequestUtil requestUtil)
    • setViewAccessChecker

      @Autowired public void setViewAccessChecker(UiViewAccessChecker viewAccessChecker)
    • setUiProperties

      @Autowired public void setUiProperties(UiProperties uiProperties)
    • setViewRegistry

      @Autowired public void setViewRegistry(ViewRegistry viewRegistry)
    • setServerProperties

      @Autowired public void setServerProperties(org.springframework.boot.autoconfigure.web.ServerProperties serverProperties)
    • webSecurityCustomizer

      @Bean public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer webSecurityCustomizer()
      The paths listed as "ignoring" in this method are handled without any Spring Security involvement. They have no access to any security context etc.

    • securityFilterChain

      @Bean("sec_UiSecurityFilterChain") @Order(400) public org.springframework.security.web.SecurityFilterChain securityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception
    • configure

      protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception
    • initLoginView

      protected void initLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Throws:
      Exception
    • getDefaultHttpSecurityPermitMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultHttpSecurityPermitMatcher(String urlMapping)
      Matcher for framework internal requests, with Vaadin servlet mapped on the given path.
      Parameters:
      urlMapping - url mapping for the Vaadin servlet.
      Returns:
      default HttpSecurity bypass matcher
    • getDefaultWebSecurityIgnoreMatcher

      public static org.springframework.security.web.util.matcher.RequestMatcher getDefaultWebSecurityIgnoreMatcher(String urlMapping)
      Matcher for Vaadin static (public) resources, with Vaadin servlet mapped on the given path.

      Assumes Vaadin servlet to be mapped on root path (/*).

      Parameters:
      urlMapping - the url mapping for the Vaadin servlet
      Returns:
      default WebSecurity ignore matcher
    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId) throws Exception
      Throws:
      Exception
    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, String viewId, String logoutUrl) throws Exception
      Throws:
      Exception
    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> viewClass) throws Exception
      Throws:
      Exception
    • setLoginView

      protected void setLoginView(org.springframework.security.config.annotation.web.builders.HttpSecurity http, Class<? extends com.vaadin.flow.component.Component> loginViewClass, String logoutUrl) throws Exception
      Throws:
      Exception
    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl)
    • createLogoutRequestMatcher

      protected org.springframework.security.web.util.matcher.RequestMatcher createLogoutRequestMatcher(String logoutUrl, String httpMethod)
    • createSuccessHandler

      protected com.vaadin.flow.spring.security.VaadinSavedRequestAwareAuthenticationSuccessHandler createSuccessHandler(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
    • createAccessDeniedHandler

      protected org.springframework.security.web.access.AccessDeniedHandler createAccessDeniedHandler()
    • getUrlMapping

      public String getUrlMapping()
    • applyUrlMapping

      public String applyUrlMapping(String path)
      Prepends to the given path with the configured url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Parameters:
      path - a path
      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()
    • applyUrlMapping

      public static String applyUrlMapping(@Nullable String urlMapping, @Nullable String path)
      Prepends to the given path with the servlet path prefix from input url mapping.

      A null path is treated as empty string; the same applies for url mapping.

      Parameters:
      path - a path
      urlMapping - url mapping
      Returns:
      the path with prepended url mapping.
      See Also:
      • VaadinConfigurationProperties.getUrlMapping()
    • getLoginPath

      protected String getLoginPath()