com.sap.cds.framework.spring.config.auth.identity.IdentitySecurityConfig

@AutoConfiguration(after=XsuaaSecurityConfig.class) @ConditionalOnClass({com.sap.cloud.security.spring.config.IdentityServiceConfiguration.class,org.springframework.security.config.annotation.web.builders.HttpSecurity.class,org.springframework.security.oauth2.jwt.Jwt.class}) @Conditional(IdentityConfiguredCondition.class) @ConditionalOnMissingBean(XsuaaSecurityConfig.class) @PropertySource(factory=com.sap.cloud.security.spring.config.IdentityServicesPropertySourceFactory.class, value="") @ConditionalOnWebApplication @EnableWebSecurity @Order(1000) public class IdentitySecurityConfig extends Object

The default security configuration in case of active IAS or XSUAA configuration - which should be the case in productive scenarios. By default, all requests require an oauth2 authentication - including public endpoints. In order to open public endpoints, the application needs to create a security configuration with higher priority and override these endpoints.

Constructor Summary

Constructors

Constructor

Description

IdentitySecurityConfig()
Method Summary

Modifier and Type

Method

Description

org.springframework.security.web.SecurityFilterChain

identityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- IdentitySecurityConfig
  
  public IdentitySecurityConfig()
Method Details
- identityFilterChain
  
  @Bean public org.springframework.security.web.SecurityFilterChain identityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
  
  Throws:
  
  Exception

Class IdentitySecurityConfig

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

IdentitySecurityConfig

Method Details

identityFilterChain