public final class X509Configurer<H extends HttpSecurityBuilder<H>> extends SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
Authentication
for the user.
X509AuthenticationFilter
AuthenticationEntryPoint
is populated with an Http403ForbiddenEntryPoint
PreAuthenticatedAuthenticationProvider
is populated into
HttpSecurity.authenticationProvider(org.springframework.security.authentication.AuthenticationProvider)
UserDetailsService
shared object is used if no AuthenticationUserDetailsService
is specifiedConstructor and Description |
---|
X509Configurer()
Creates a new instance
|
Modifier and Type | Method and Description |
---|---|
X509Configurer<H> |
authenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails> authenticationDetailsSource)
Specifies the
AuthenticationDetailsSource |
X509Configurer<H> |
authenticationUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken> authenticationUserDetailsService)
Specifies the
AuthenticationUserDetailsService to use. |
void |
configure(H http)
Configure the
SecurityBuilder by setting the necessary properties
on the SecurityBuilder . |
B |
disable()
Disables the
AbstractHttpConfigurer by removing it. |
void |
init(H http)
Initialize the
SecurityBuilder . |
X509Configurer<H> |
subjectPrincipalRegex(String subjectPrincipalRegex)
Specifies the regex to extract the principal from the certificate.
|
X509Configurer<H> |
userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
Shortcut for invoking
authenticationUserDetailsService(AuthenticationUserDetailsService) with a UserDetailsByNameServiceWrapper . |
T |
withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) |
X509Configurer<H> |
x509AuthenticationFilter(org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter x509AuthenticationFilter)
Allows specifying the entire
X509AuthenticationFilter . |
addObjectPostProcessor, and, getBuilder, postProcess, setBuilder
public X509Configurer()
HttpSecurity.x509()
public X509Configurer<H> x509AuthenticationFilter(org.springframework.security.web.authentication.preauth.x509.X509AuthenticationFilter x509AuthenticationFilter)
X509AuthenticationFilter
. If this is
specified, the properties on X509Configurer
will not be
populated on the X509AuthenticationFilter
.x509AuthenticationFilter
- the X509AuthenticationFilter
to useX509Configurer
for further customizationspublic X509Configurer<H> authenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<javax.servlet.http.HttpServletRequest,org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails> authenticationDetailsSource)
AuthenticationDetailsSource
authenticationDetailsSource
- the AuthenticationDetailsSource
to useX509Configurer
to usepublic X509Configurer<H> userDetailsService(org.springframework.security.core.userdetails.UserDetailsService userDetailsService)
authenticationUserDetailsService(AuthenticationUserDetailsService)
with a UserDetailsByNameServiceWrapper
.userDetailsService
- the UserDetailsService
to useX509Configurer
for further customizationspublic X509Configurer<H> authenticationUserDetailsService(org.springframework.security.core.userdetails.AuthenticationUserDetailsService<org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken> authenticationUserDetailsService)
AuthenticationUserDetailsService
to use. If not
specified, the shared UserDetailsService
will be used to create a
UserDetailsByNameServiceWrapper
.authenticationUserDetailsService
- the AuthenticationUserDetailsService
to useX509Configurer
for further customizationspublic X509Configurer<H> subjectPrincipalRegex(String subjectPrincipalRegex)
SubjectDnX509PrincipalExtractor
is used.subjectPrincipalRegex
- the regex to extract the user principal from the certificate
(i.e. "CN=(.*?)(?:,|$)").X509Configurer
for further customizationspublic void init(H http) throws Exception
SecurityConfigurer
SecurityBuilder
. Here only shared state should be
created and modified, but not properties on the SecurityBuilder
used for building the object. This ensures that the
SecurityConfigurer.configure(SecurityBuilder)
method uses the correct shared
objects when building.init
in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
init
in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public void configure(H http) throws Exception
SecurityConfigurer
SecurityBuilder
by setting the necessary properties
on the SecurityBuilder
.configure
in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
configure
in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
Exception
public B disable()
AbstractHttpConfigurer
by removing it. After doing
so a fresh version of the configuration can be applied.HttpSecurityBuilder
for additional customizationspublic T withObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor)