com.sap.cds.framework.spring.config.auth.xsuaa.XsuaaSecurityConfig

@AutoConfiguration @ConditionalOnClass({com.sap.cloud.security.xsuaa.XsuaaServiceConfiguration.class,org.springframework.security.config.annotation.web.builders.HttpSecurity.class,org.springframework.security.oauth2.jwt.Jwt.class}) @Conditional(XsuaaConfiguredCondition.class) @ConditionalOnWebApplication @EnableWebSecurity @Order(1000) public class XsuaaSecurityConfig extends Object

The default security configuration in case of active XSUAA configuration - which should be the case in productive scenarios. By default, all requests require an oauth2 authentication - including public endpoints. In order to open public endpoints, the application needs to create a security configuration with higher priority and override these endpoints.

Constructor Summary

Constructors

Constructor

Description

XsuaaSecurityConfig()
Method Summary

Modifier and Type

Method

Description

org.springframework.security.web.SecurityFilterChain

xsuaaFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- XsuaaSecurityConfig
  
  public XsuaaSecurityConfig()
Method Details
- xsuaaFilterChain
  
  @Bean public org.springframework.security.web.SecurityFilterChain xsuaaFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
  
  Throws:
  
  Exception

Class XsuaaSecurityConfig

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

XsuaaSecurityConfig

Method Details

xsuaaFilterChain