Package de.ikor.sip.foundation.security.config

Class SecurityConfig

java.lang.Object

de.ikor.sip.foundation.security.config.SecurityConfig

@Configuration
public class SecurityConfig
extends Object

Central place of all configs related for spring-security settings regarding the sip authentication features

Constructor Summary

Constructors

Constructor	Description
SecurityConfig(Optional<List<SIPAuthenticationProvider<?>>> authProviders, SecurityConfigProperties config, Optional<TokenExtractors> tokenExtractors)	Autowired constructor for creating SIP Security Configuration

Method Summary

Modifier and Type	Method	Description
org.springframework.security.authentication.AuthenticationManager	authenticationManagerBean()	Register custom authenticationManager as a @Bean
org.springframework.security.web.SecurityFilterChain	sipDefaultSecurityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer	sipDefaultWebSecurityCustomizer()	Set globally ignored endpoints from config

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityConfig

@Autowired
public SecurityConfig(Optional<List<SIPAuthenticationProvider<?>>> authProviders,
 SecurityConfigProperties config,
 Optional<TokenExtractors> tokenExtractors)

Autowired constructor for creating SIP Security Configuration

Parameters:

authProviders - (optional) list of auth providers defined in the config

config - SIP Security config

tokenExtractors - (optional) registered token extractors filled by authProviders

Method Details

authenticationManagerBean

@Bean
public org.springframework.security.authentication.AuthenticationManager authenticationManagerBean()
                                                                                            throws SIPFrameworkException

Register custom authenticationManager as a @Bean

Returns:

Spring's Authentication Manager

Throws:

SIPFrameworkException - due to misconfiguration

sipDefaultSecurityFilterChain

@Bean
public org.springframework.security.web.SecurityFilterChain sipDefaultSecurityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                                                                                   throws Exception

Parameters:

http - Spring provided http security object used for configuring rules

Returns:

Spring's SecurityFilterChain

Throws:

Exception - if security isn't properly configured

sipDefaultWebSecurityCustomizer

@Bean
public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer sipDefaultWebSecurityCustomizer()

Set globally ignored endpoints from config

Returns:

Spring WebSecurityCustomizer