Package uk.ac.warwick.dcs.sherlock.module.web.configuration

Class SecurityConfig

java.lang.Object

org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

uk.ac.warwick.dcs.sherlock.module.web.configuration.SecurityConfig

All Implemented Interfaces:

org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@Configuration
public class SecurityConfig
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Sets up both the web and http security to prevent unauthorised access to account/admin pages

Constructor Summary

Constructors

Constructor	Description
SecurityConfig()

Method Summary

Modifier and Type	Method	Description
void	configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)	Configures the web security by configuring the authentication manager to use the custom user details service that links into the datbase
protected void	configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)	Configures the http security to prevent unauthorised requests to the account/admin pages as well as enable the login/logout pages
static java.lang.String	generateRandomPassword()	Generates a random password for new accounts or when an admin changes the password on an account
static java.lang.String	getLocalEmail()	Get the email of the local user
static java.lang.String	getLocalPassword()	Get the password of the local user

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

authenticationManager, authenticationManagerBean, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityConfig

public SecurityConfig()

Method Detail

getLocalEmail

public static java.lang.String getLocalEmail()

Get the email of the local user

Returns:

the email

getLocalPassword

public static java.lang.String getLocalPassword()

Get the password of the local user

Returns:

the password

configure

@Autowired
public void configure(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
               throws java.lang.Exception

Configures the web security by configuring the authentication manager to use the custom user details service that links into the datbase

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Parameters:

auth - Spring's authentication manager

Throws:

java.lang.Exception - if there was an issue with the user details service

configure

protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws java.lang.Exception

Configures the http security to prevent unauthorised requests to the account/admin pages as well as enable the login/logout pages

Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Parameters:

http - Spring's http security object that allows configuring web based security for specific http requests

Throws:

java.lang.Exception - if there was an issue with http security

generateRandomPassword

public static java.lang.String generateRandomPassword()

Generates a random password for new accounts or when an admin changes the password on an account

Returns:

the random password