Java tutorial
/* * Copyright 2012-2019 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.springframework.boot.autoconfigure.security; import java.util.ArrayList; import java.util.Arrays; import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.UUID; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.web.servlet.DispatcherType; import org.springframework.boot.web.servlet.filter.OrderedFilter; import org.springframework.core.Ordered; import org.springframework.util.StringUtils; /** * Configuration properties for Spring Security. * * @author Dave Syer * @author Andy Wilkinson * @author Madhura Bhave * @since 1.0.0 */ @ConfigurationProperties(prefix = "spring.security") public class SecurityProperties { /** * Order applied to the WebSecurityConfigurerAdapter that is used to configure basic * authentication for application endpoints. If you want to add your own * authentication for all or some of those endpoints the best thing to do is to add * your own WebSecurityConfigurerAdapter with lower order. */ public static final int BASIC_AUTH_ORDER = Ordered.LOWEST_PRECEDENCE - 5; /** * Order applied to the WebSecurityConfigurer that ignores standard static resource * paths. */ public static final int IGNORED_ORDER = Ordered.HIGHEST_PRECEDENCE; /** * Default order of Spring Security's Filter in the servlet container (i.e. amongst * other filters registered with the container). There is no connection between this * and the {@code @Order} on a WebSecurityConfigurer. */ public static final int DEFAULT_FILTER_ORDER = OrderedFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER - 100; private final Filter filter = new Filter(); private User user = new User(); public User getUser() { return this.user; } public Filter getFilter() { return this.filter; } public static class Filter { /** * Security filter chain order. */ private int order = DEFAULT_FILTER_ORDER; /** * Security filter chain dispatcher types. */ private Set<DispatcherType> dispatcherTypes = new HashSet<>( Arrays.asList(DispatcherType.ASYNC, DispatcherType.ERROR, DispatcherType.REQUEST)); public int getOrder() { return this.order; } public void setOrder(int order) { this.order = order; } public Set<DispatcherType> getDispatcherTypes() { return this.dispatcherTypes; } public void setDispatcherTypes(Set<DispatcherType> dispatcherTypes) { this.dispatcherTypes = dispatcherTypes; } } public static class User { /** * Default user name. */ private String name = "user"; /** * Password for the default user name. */ private String password = UUID.randomUUID().toString(); /** * Granted roles for the default user name. */ private List<String> roles = new ArrayList<>(); private boolean passwordGenerated = true; public String getName() { return this.name; } public void setName(String name) { this.name = name; } public String getPassword() { return this.password; } public void setPassword(String password) { if (!StringUtils.hasLength(password)) { return; } this.passwordGenerated = false; this.password = password; } public List<String> getRoles() { return this.roles; } public void setRoles(List<String> roles) { this.roles = new ArrayList<>(roles); } public boolean isPasswordGenerated() { return this.passwordGenerated; } } }