Package com.wilfredmorgan.api.config

Class SecurityConfig

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

com.wilfredmorgan.api.config.SecurityConfig

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

This class allows us to set standard security protocols to be used throughout the application, such as password encoding, location of token store, our implementation of users, among others

Constructor Summary

Constructors

Constructor	Description
SecurityConfig()

Method Summary

Modifier and Type	Method	Description
org.springframework.security.authentication.AuthenticationManager	authenticationManagerBean()	Allows us to customize the Authentication Manager.
org.springframework.security.crypto.password.PasswordEncoder	encoder()	Set our preferred encoder for our password
void	globalUserDetails(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)	Ties our implementation of user details and password encoding to the Authentication Manager
org.springframework.security.oauth2.provider.token.TokenStore	tokenStore()	We will store our token in memory.

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, configure, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityConfig

public SecurityConfig()

Method Detail

authenticationManagerBean

@Bean
public org.springframework.security.authentication.AuthenticationManager authenticationManagerBean()
                                                                                            throws java.lang.Exception

Allows us to customize the Authentication Manager. Normally, as we do here, we just take the defaults.

Overrides:

authenticationManagerBean in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Returns:

The configured authentication manager

Throws:

java.lang.Exception - In case our custom configurations do not work.

globalUserDetails

@Autowired
public void globalUserDetails(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
                       throws java.lang.Exception

Ties our implementation of user details and password encoding to the Authentication Manager

Parameters:

auth - the connection to our authentication manager

Throws:

java.lang.Exception - in case our custom configuration does not work

tokenStore

@Bean
public org.springframework.security.oauth2.provider.token.TokenStore tokenStore()

We will store our token in memory. This way when the application exists all access tokens are invalidated.

Returns:

A token store configured to be used in memory

encoder

@Bean
public org.springframework.security.crypto.password.PasswordEncoder encoder()

Set our preferred encoder for our password

Returns:

A password will be encoded using the standard BCrypt method