com.sap.cds.framework.spring.config.auth.identity

Class IdentitySecurityConfig

java.lang.Object

com.sap.cds.framework.spring.config.auth.identity.IdentitySecurityConfig

@AutoConfiguration
 @ConditionalOnClass(value={com.sap.cloud.security.spring.config.IdentityServiceConfiguration.class,org.springframework.security.config.annotation.web.builders.HttpSecurity.class,org.springframework.security.oauth2.jwt.Jwt.class})
 @Conditional(value=IdentityConfiguredCondition.class)
 @PropertySource(factory=com.sap.cloud.security.spring.config.IdentityServicesPropertySourceFactory.class,
                value="")
 @EnableWebSecurity
 @Order(value=1000)
public class IdentitySecurityConfig
extends Object

The default security configuration in case of active IAS or XSUAA configuration - which should be the case in productive scenarios. By default, all requests require an oauth2 authentication - including public endpoints. In order to open public endpoints, the application needs to create a security configuration with higher priority and override these endpoints.

Constructor Summary

Constructors

Constructor and Description
IdentitySecurityConfig()

Method Summary

Modifier and Type	Method and Description
org.springframework.security.web.SecurityFilterChain	identityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

IdentitySecurityConfig

public IdentitySecurityConfig()

Method Detail

identityFilterChain

@Bean
public org.springframework.security.web.SecurityFilterChain identityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                                                                               throws Exception

Throws:

Exception