Java-Based Spring Security Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 7: Line 7:
This article describes [[Spring_Dependency_Injection_and_Inversion_of_Control_Container_Concepts#Java-based_Configuration|Java-based]] Spring Security configuration. This method can be used to configure the following security aspects:
This article describes [[Spring_Dependency_Injection_and_Inversion_of_Control_Container_Concepts#Java-based_Configuration|Java-based]] Spring Security configuration. This method can be used to configure the following security aspects:
* one of the available [[Spring_Security_Concepts#User_Store|user stores]], such as the [[Spring_Security_Concepts#In-Memory_User_Store|in-memory user store]], [[Spring_Security_Concepts#JDBC-based_User_Store|JDBC user store]] or [[Spring_Security_Concepts#LDAP-Backed_User_Store|LDAP-backed user store]], or alternatively, a [[Spring_Security_Concepts#Custom_User_Detail_Service|custom user details service]].
* one of the available [[Spring_Security_Concepts#User_Store|user stores]], such as the [[Spring_Security_Concepts#In-Memory_User_Store|in-memory user store]], [[Spring_Security_Concepts#JDBC-based_User_Store|JDBC user store]] or [[Spring_Security_Concepts#LDAP-Backed_User_Store|LDAP-backed user store]], or alternatively, a [[Spring_Security_Concepts#Custom_User_Detail_Service|custom user details service]].
* what web request should be secured.
* [[#Securing_Web_Requests|what web requests should be secured]].


=Configuration Class=
=Configuration Class=

Revision as of 21:18, 10 November 2018

Internal

Overview

This article describes Java-based Spring Security configuration. This method can be used to configure the following security aspects:

Configuration Class

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    ...
  }
}

Securing Web Requests