Search in sources :

Example 1 with AbstractHttpConfigurer

use of org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer in project spring-security by spring-projects.

the class WebSecurityConfigurerAdapter method getHttp.

/**
	 * Creates the {@link HttpSecurity} or returns the current instance
	 *
	 * ] * @return the {@link HttpSecurity}
	 * @throws Exception
	 */
@SuppressWarnings({ "rawtypes", "unchecked" })
protected final HttpSecurity getHttp() throws Exception {
    if (http != null) {
        return http;
    }
    DefaultAuthenticationEventPublisher eventPublisher = objectPostProcessor.postProcess(new DefaultAuthenticationEventPublisher());
    localConfigureAuthenticationBldr.authenticationEventPublisher(eventPublisher);
    AuthenticationManager authenticationManager = authenticationManager();
    authenticationBuilder.parentAuthenticationManager(authenticationManager);
    Map<Class<? extends Object>, Object> sharedObjects = createSharedObjects();
    http = new HttpSecurity(objectPostProcessor, authenticationBuilder, sharedObjects);
    if (!disableDefaults) {
        // @formatter:off
        http.csrf().and().addFilter(new WebAsyncManagerIntegrationFilter()).exceptionHandling().and().headers().and().sessionManagement().and().securityContext().and().requestCache().and().anonymous().and().servletApi().and().apply(new DefaultLoginPageConfigurer<HttpSecurity>()).and().logout();
        // @formatter:on
        ClassLoader classLoader = this.context.getClassLoader();
        List<AbstractHttpConfigurer> defaultHttpConfigurers = SpringFactoriesLoader.loadFactories(AbstractHttpConfigurer.class, classLoader);
        for (AbstractHttpConfigurer configurer : defaultHttpConfigurers) {
            http.apply(configurer);
        }
    }
    configure(http);
    return http;
}
Also used : DefaultAuthenticationEventPublisher(org.springframework.security.authentication.DefaultAuthenticationEventPublisher) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) AbstractHttpConfigurer(org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer) WebAsyncManagerIntegrationFilter(org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter)

Aggregations

AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1 DefaultAuthenticationEventPublisher (org.springframework.security.authentication.DefaultAuthenticationEventPublisher)1 HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity)1 AbstractHttpConfigurer (org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer)1 WebAsyncManagerIntegrationFilter (org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter)1