GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Remove references to WebSecurityConfigurerAdapter 

* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
pull/11653/head
Steve Riesenberg 4 years ago committed by Steve Riesenberg
parent
9861769b02
commit
0c0c75ce22
11 changed files with 763 additions and 404 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 40
      config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java
  2. 11
      config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
  3. 1038
      config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
  4. 11
      config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
  5. 9
      config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
  6. 10
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
  7. 8
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
  8. 14
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
  9. 6
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
  10. 13
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
  11. 7
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java

40
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2013 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -39,10 +39,19 @@ import org.springframework.security.config.annotation.web.servlet.configuration.
* @EnableGlobalAuthentication * @EnableGlobalAuthentication
* public class MyGlobalAuthenticationConfiguration { * public class MyGlobalAuthenticationConfiguration {
* *
* @Autowired * @Bean
* public void configureGlobal(AuthenticationManagerBuilder auth) { * public UserDetailsService userDetailsService() {
* auth.inMemoryAuthentication().withUser("user").password("password").roles("USER") * UserDetails user = User.withDefaultPasswordEncoder()
* .and().withUser("admin").password("password").roles("USER", "ADMIN"); * .username("user")
* .password("password")
* .roles("USER")
* .build();
* UserDetails admin = User.withDefaultPasswordEncoder()
* .username("admin")
* .password("password")
* .roles("ADMIN", "USER")
* .build();
* return new InMemoryUserDetailsManager(user, admin);
* } * }
* } * }
* </pre> * </pre>
@ -54,15 +63,24 @@ import org.springframework.security.config.annotation.web.servlet.configuration.
* <pre class="code"> * <pre class="code">
* &#064;Configuration * &#064;Configuration
* &#064;EnableWebSecurity * &#064;EnableWebSecurity
* public class MyWebSecurityConfiguration extends WebSecurityConfigurerAdapter { * public class MyWebSecurityConfiguration {
* *
* &#064;Autowired * &#064;Bean
* public void configureGlobal(AuthenticationManagerBuilder auth) { * public UserDetailsService userDetailsService() {
* auth.inMemoryAuthentication().withUser(&quot;user&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;) * UserDetails user = User.withDefaultPasswordEncoder()
* .and().withUser(&quot;admin&quot;).password(&quot;password&quot;).roles(&quot;USER&quot;, &quot;ADMIN&quot;); * .username(&quot;user&quot;)
* .password(&quot;password&quot;)
* .roles(&quot;USER&quot;)
* .build();
* UserDetails admin = User.withDefaultPasswordEncoder()
* .username(&quot;admin&quot;)
* .password(&quot;password&quot;)
* .roles(&quot;ADMIN&quot;, &quot;USER&quot;)
* .build();
* return new InMemoryUserDetailsManager(user, admin);
* } * }
* *
* // Possibly overridden methods ... * // Possibly more bean methods ...
* } * }
* </pre> * </pre>
* *

11
config/src/main/java/org/springframework/security/config/annotation/web/WebSecurityConfigurer.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2020 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,19 +23,16 @@ import org.springframework.security.config.annotation.SecurityBuilder;
import org.springframework.security.config.annotation.SecurityConfigurer; import org.springframework.security.config.annotation.SecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
/** /**
* Allows customization to the {@link WebSecurity}. In most instances users will use * Allows customization to the {@link WebSecurity}. In most instances users will use
* {@link EnableWebSecurity} and either create a {@link Configuration} that extends * {@link EnableWebSecurity} and create a {@link Configuration} that exposes a
* {@link WebSecurityConfigurerAdapter} or expose a {@link SecurityFilterChain} bean. Both * {@link SecurityFilterChain} bean. This will automatically be applied to the
* will automatically be applied to the {@link WebSecurity} by the * {@link WebSecurity} by the {@link EnableWebSecurity} annotation.
* {@link EnableWebSecurity} annotation.
* *
* @author Rob Winch * @author Rob Winch
* @since 3.2 * @since 3.2
* @see WebSecurityConfigurerAdapter
* @see SecurityFilterChain * @see SecurityFilterChain
*/ */
public interface WebSecurityConfigurer<T extends SecurityBuilder<Filter>> extends SecurityConfigurer<Filter, T> { public interface WebSecurityConfigurer<T extends SecurityBuilder<Filter>> extends SecurityConfigurer<Filter, T> {

1038
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

File diff suppressed because it is too large Load Diff

11
config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
Unescape View File

@ -41,7 +41,6 @@ import org.springframework.security.config.annotation.web.AbstractRequestMatcher
import org.springframework.security.config.annotation.web.WebSecurityConfigurer; import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.DefaultSecurityFilterChain; import org.springframework.security.web.DefaultSecurityFilterChain;
@ -76,8 +75,7 @@ import org.springframework.web.filter.DelegatingFilterProxy;
* *
* <p> * <p>
* Customizations to the {@link WebSecurity} can be made by creating a * Customizations to the {@link WebSecurity} can be made by creating a
* {@link WebSecurityConfigurer}, overriding {@link WebSecurityConfigurerAdapter} or * {@link WebSecurityConfigurer} or exposing a {@link WebSecurityCustomizer} bean.
* exposing a {@link WebSecurityCustomizer} bean.
* </p> * </p>
* *
* @author Rob Winch * @author Rob Winch
@ -199,7 +197,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
* *
* <p> * <p>
* Typically this method is invoked automatically within the framework from * Typically this method is invoked automatically within the framework from
* {@link WebSecurityConfigurerAdapter#init(WebSecurity)} * {@link WebSecurityConfiguration#springSecurityFilterChain()}
* </p> * </p>
* @param securityFilterChainBuilder the builder to use to create the * @param securityFilterChainBuilder the builder to use to create the
* {@link SecurityFilterChain} instances * {@link SecurityFilterChain} instances
@ -257,7 +255,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
/** /**
* Sets the {@link FilterSecurityInterceptor}. This is typically invoked by * Sets the {@link FilterSecurityInterceptor}. This is typically invoked by
* {@link WebSecurityConfigurerAdapter}. * {@link WebSecurityConfiguration#springSecurityFilterChain()}.
* @param securityInterceptor the {@link FilterSecurityInterceptor} to use * @param securityInterceptor the {@link FilterSecurityInterceptor} to use
* @return the {@link WebSecurity} for further customizations * @return the {@link WebSecurity} for further customizations
* @deprecated Use {@link #privilegeEvaluator(WebInvocationPrivilegeEvaluator)} * @deprecated Use {@link #privilegeEvaluator(WebInvocationPrivilegeEvaluator)}
@ -296,8 +294,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
protected Filter performBuild() throws Exception { protected Filter performBuild() throws Exception {
Assert.state(!this.securityFilterChainBuilders.isEmpty(), Assert.state(!this.securityFilterChainBuilders.isEmpty(),
() -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. " () -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. "
+ "Typically this is done by exposing a SecurityFilterChain bean " + "Typically this is done by exposing a SecurityFilterChain bean. "
+ "or by adding a @Configuration that extends WebSecurityConfigurerAdapter. "
+ "More advanced users can invoke " + WebSecurity.class.getSimpleName() + "More advanced users can invoke " + WebSecurity.class.getSimpleName()
+ ".addSecurityFilterChainBuilder directly"); + ".addSecurityFilterChainBuilder directly");
int chainSize = this.ignoredRequests.size() + this.securityFilterChainBuilders.size(); int chainSize = this.ignoredRequests.size() + this.securityFilterChainBuilders.size();

9
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -54,10 +54,9 @@ import org.springframework.util.Assert;
/** /**
* Uses a {@link WebSecurity} to create the {@link FilterChainProxy} that performs the web * Uses a {@link WebSecurity} to create the {@link FilterChainProxy} that performs the web
* based security for Spring Security. It then exports the necessary beans. Customizations * based security for Spring Security. It then exports the necessary beans. Customizations
* can be made to {@link WebSecurity} by extending {@link WebSecurityConfigurerAdapter} * can be made to {@link WebSecurity} by implementing {@link WebSecurityConfigurer} and
* and exposing it as a {@link Configuration} or implementing * exposing it as a {@link Configuration} or exposing a {@link WebSecurityCustomizer}
* {@link WebSecurityConfigurer} and exposing it as a {@link Configuration}. This * bean. This configuration is imported when using {@link EnableWebSecurity}.
* configuration is imported when using {@link EnableWebSecurity}.
* *
* @author Rob Winch * @author Rob Winch
* @author Keesun Baik * @author Keesun Baik

10
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
Unescape View File

@ -25,7 +25,7 @@ import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.PortMapper; import org.springframework.security.web.PortMapper;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
@ -305,14 +305,14 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
/** /**
* <p> * <p>
* Specifies the URL to send users to if login is required. If used with * Specifies the URL to send users to if login is required. If used with
* {@link WebSecurityConfigurerAdapter} a default login page will be generated when * {@link EnableWebSecurity} a default login page will be generated when this
* this attribute is not specified. * attribute is not specified.
* </p> * </p>
* *
* <p> * <p>
* If a URL is specified or this is not being used in conjunction with * If a URL is specified or this is not being used in conjunction with
* {@link WebSecurityConfigurerAdapter}, users are required to process the specified * {@link EnableWebSecurity}, users are required to process the specified URL to
* URL to generate a login page. * generate a login page.
* </p> * </p>
*/ */
protected T loginPage(String loginPage) { protected T loginPage(String loginPage) {

8
config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -22,7 +22,7 @@ import java.util.Map;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter; import org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter;
@ -30,7 +30,7 @@ import org.springframework.security.web.csrf.CsrfToken;
/** /**
* Adds a Filter that will generate a login page if one is not specified otherwise when * Adds a Filter that will generate a login page if one is not specified otherwise when
* using {@link WebSecurityConfigurerAdapter}. * using {@link EnableWebSecurity}.
* *
* <p> * <p>
* By default an * By default an
@ -64,7 +64,7 @@ import org.springframework.security.web.csrf.CsrfToken;
* *
* @author Rob Winch * @author Rob Winch
* @since 3.2 * @since 3.2
* @see WebSecurityConfigurerAdapter * @see EnableWebSecurity
*/ */
public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>> public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>>
extends AbstractHttpConfigurer<DefaultLoginPageConfigurer<H>, H> { extends AbstractHttpConfigurer<DefaultLoginPageConfigurer<H>, H> {

14
config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2013 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -18,7 +18,7 @@ package org.springframework.security.config.annotation.web.configurers;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler; import org.springframework.security.web.authentication.ForwardAuthenticationFailureHandler;
import org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler; import org.springframework.security.web.authentication.ForwardAuthenticationSuccessHandler;
@ -84,15 +84,15 @@ public final class FormLoginConfigurer<H extends HttpSecurityBuilder<H>> extends
/** /**
* <p> * <p>
* Specifies the URL to send users to if login is required. If used with * Specifies the URL to send users to if login is required. If used with
* {@link WebSecurityConfigurerAdapter} a default login page will be generated when * {@link EnableWebSecurity} a default login page will be generated when this
* this attribute is not specified. * attribute is not specified.
* </p> * </p>
* *
* <p> * <p>
* If a URL is specified or this is not being used in conjunction with * If a URL is specified or this is not being used in conjunction with
* {@link WebSecurityConfigurerAdapter}, users are required to process the specified * {@link EnableWebSecurity}, users are required to process the specified URL to
* URL to generate a login page. In general, the login page should create a form that * generate a login page. In general, the login page should create a form that submits
* submits a request with the following requirements to work with * a request with the following requirements to work with
* {@link UsernamePasswordAuthenticationFilter}: * {@link UsernamePasswordAuthenticationFilter}:
* </p> * </p>
* *

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,7 +26,7 @@ import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.config.Customizer; import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.header.HeaderWriter; import org.springframework.security.web.header.HeaderWriter;
import org.springframework.security.web.header.HeaderWriterFilter; import org.springframework.security.web.header.HeaderWriterFilter;
import org.springframework.security.web.header.writers.CacheControlHeadersWriter; import org.springframework.security.web.header.writers.CacheControlHeadersWriter;
@ -50,7 +50,7 @@ import org.springframework.util.Assert;
/** /**
* <p> * <p>
* Adds the Security HTTP headers to the response. Security HTTP headers is activated by * Adds the Security HTTP headers to the response. Security HTTP headers is activated by
* default when using {@link WebSecurityConfigurerAdapter}'s default constructor. * default when using {@link EnableWebSecurity}'s default constructor.
* </p> * </p>
* *
* <p> * <p>

13
config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
Unescape View File

@ -22,10 +22,8 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.RememberMeAuthenticationProvider; import org.springframework.security.authentication.RememberMeAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@ -150,13 +148,10 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
/** /**
* Specifies the {@link UserDetailsService} used to look up the {@link UserDetails} * Specifies the {@link UserDetailsService} used to look up the {@link UserDetails}
* when a remember me token is valid. The default is to use the * when a remember me token is valid. When using a
* {@link UserDetailsService} found by invoking * {@link org.springframework.security.web.SecurityFilterChain} bean, the default is
* {@link HttpSecurity#getSharedObject(Class)} which is set when using * to look for a {@link UserDetailsService} bean. Alternatively, one can populate
* {@link WebSecurityConfigurerAdapter#configure(AuthenticationManagerBuilder)}. When * {@link #rememberMeServices(RememberMeServices)}.
* using a {@link org.springframework.security.web.SecurityFilterChain} bean, the
* default is to look for a {@link UserDetailsService} bean. Alternatively, one can
* populate {@link #rememberMeServices(RememberMeServices)}.
* @param userDetailsService the {@link UserDetailsService} to configure * @param userDetailsService the {@link UserDetailsService} to configure
* @return the {@link RememberMeConfigurer} for further customization * @return the {@link RememberMeConfigurer} for further customization
* @see AbstractRememberMeServices * @see AbstractRememberMeServices

7
config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
Unescape View File

@ -24,13 +24,11 @@ import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService; import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper; import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint; import org.springframework.security.web.authentication.Http403ForbiddenEntryPoint;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken; import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
@ -144,10 +142,7 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>>
/** /**
* Specifies the {@link AuthenticationUserDetailsService} to use. If not specified, * Specifies the {@link AuthenticationUserDetailsService} to use. If not specified,
* the shared {@link UserDetailsService} will be used to create a * then the {@link UserDetailsService} bean will be used by default.
* {@link UserDetailsByNameServiceWrapper}. If a {@link SecurityFilterChain} bean is
* used instead of the {@link WebSecurityConfigurerAdapter}, then the
* {@link UserDetailsService} bean will be used by default.
* @param authenticationUserDetailsService the * @param authenticationUserDetailsService the
* {@link AuthenticationUserDetailsService} to use * {@link AuthenticationUserDetailsService} to use
* @return the {@link X509Configurer} for further customizations * @return the {@link X509Configurer} for further customizations

Write Preview
Loading…
Cancel
Save