Class CommonSecurityAutoConfiguration

  • All Implemented Interfaces:
    org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,​org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

    @Configuration
    @ConditionalOnWebApplication
    @Import(org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver.class)
    @ConditionalOnMissingBean({org.keycloak.adapters.KeycloakConfigResolver.class,org.springframework.security.web.authentication.session.SessionAuthenticationStrategy.class,org.springframework.security.web.authentication.session.SessionAuthenticationStrategy.class})
    @DependsOn("keycloakConfigResolver")
    @PropertySource("classpath:keycloak-configuration.properties")
    public class CommonSecurityAutoConfiguration
    extends org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
    • Constructor Detail

      • CommonSecurityAutoConfiguration

        @Autowired
        public CommonSecurityAutoConfiguration​(AuthorizationConfigurer authorizationConfigurer)
    • Method Detail

      • configureGlobalAuthenticationManager

        @Bean
        public org.springframework.beans.factory.InitializingBean configureGlobalAuthenticationManager​(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth,
                                                                                                       org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider keycloakAuthenticationProvider)
        Registers the KeycloakAuthenticationProvider with the authentication manager.
      • keycloakAuthenticationProvider

        @Bean
        @ConditionalOnMissingBean
        public org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider keycloakAuthenticationProvider()
        Overrides:
        keycloakAuthenticationProvider in class org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
      • authenticatedPrincipalProvider

        @Bean
        @ConditionalOnMissingBean
        public org.activiti.api.runtime.shared.security.SecurityContextPrincipalProvider authenticatedPrincipalProvider()
      • principalIdentityProvider

        @Bean
        @ConditionalOnMissingBean
        public org.activiti.api.runtime.shared.security.PrincipalIdentityProvider principalIdentityProvider​(KeycloakAccessTokenProvider keycloakAccessTokenProvider,
                                                                                                            KeycloakAccessTokenValidator keycloakAccessTokenValidator)
      • principalGroupsProviderChain

        @Bean
        @ConditionalOnMissingBean
        public KeycloakPrincipalGroupsProviderChain principalGroupsProviderChain​(List<org.activiti.api.runtime.shared.security.PrincipalGroupsProvider> principalGroupsProviders)
      • principalRolesProviderChain

        @Bean
        @ConditionalOnMissingBean
        public KeycloakPrincipalRolesProviderChain principalRolesProviderChain​(List<org.activiti.api.runtime.shared.security.PrincipalRolesProvider> principalRolesProviders)
      • securityManager

        @Bean
        @ConditionalOnMissingBean
        public org.activiti.api.runtime.shared.security.SecurityManager securityManager​(org.activiti.api.runtime.shared.security.SecurityContextPrincipalProvider authenticatedPrincipalProvider,
                                                                                        org.activiti.api.runtime.shared.security.PrincipalIdentityProvider principalIdentityProvider,
                                                                                        KeycloakPrincipalGroupsProviderChain principalGroupsProvider,
                                                                                        KeycloakPrincipalRolesProviderChain principalRolesProviderChain)
      • securityContextTokenProvider

        @Bean
        @ConditionalOnMissingBean
        public org.activiti.api.runtime.shared.security.SecurityContextTokenProvider securityContextTokenProvider()
      • httpSessionManager

        @Bean
        @ConditionalOnMissingBean(org.keycloak.adapters.springsecurity.management.HttpSessionManager.class)
        protected org.keycloak.adapters.springsecurity.management.HttpSessionManager httpSessionManager()
        Overrides:
        httpSessionManager in class org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
      • sessionAuthenticationStrategy

        @Bean
        @ConditionalOnMissingBean
        protected org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionAuthenticationStrategy()
        Defines the session authentication strategy.
        Specified by:
        sessionAuthenticationStrategy in class org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
      • configure

        protected void configure​(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                          throws Exception
        Overrides:
        configure in class org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter
        Throws:
        Exception