uk.ac.manchester.spinnaker.alloc.security.SecurityConfig

@EnableWebSecurity
@Role(0)
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig
extends Object

The security and administration configuration of the service.

Note: role expressions (IS_USER and IS_ADMIN) must be applied (with @PreAuthorize) to interfaces of classes (or methods of those interfaces) that are Spring Beans in order for the security interception to be applied correctly. This is the only combination that is known to work reliably.

Author:: Donal Fellows

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`IS_ADMIN`	How to assert that a user must be an admin.
`static String`	`IS_NMPI_EXEC`	How to assert that a user must be an admin.
`static String`	`IS_READER`	How to assert that a user must be able to read summaries.
`static String`	`IS_USER`	How to assert that a user must be able to make jobs and read job details in depth.
`static String`	`MAY_SEE_JOB_DETAILS`	How to filter out job details that a given user may see (or not).

Constructor Summary

Constructors

Constructor Description

SecurityConfig()

Method Summary

Modifier and Type	Method	Description
`void`	`configureGlobal(AuthenticationManagerBuilder auth)`	Configure things we plug into.
`SecurityFilterChain`	`securityFilter(HttpSecurity http)`	Define our main security controls.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- IS_ADMIN
  
  public static final String IS_ADMIN
  
  How to assert that a user must be an admin.
  
  See Also:
  
  Constant Field Values
- IS_NMPI_EXEC
  
  public static final String IS_NMPI_EXEC
  
  How to assert that a user must be an admin.
  
  See Also:
  
  Constant Field Values
- IS_READER
  
  public static final String IS_READER
  
  How to assert that a user must be able to read summaries.
  
  See Also:
  
  Constant Field Values
- MAY_SEE_JOB_DETAILS
  
  public static final String MAY_SEE_JOB_DETAILS
  
  How to filter out job details that a given user may see (or not).
  
  See Also:
  
  Constant Field Values
- IS_USER
  
  public static final String IS_USER
  
  How to assert that a user must be able to make jobs and read job details in depth.
  
  See Also:
  
  Constant Field Values
Constructor Details
- SecurityConfig
  
  public SecurityConfig()
Method Details
- configureGlobal
  
  @Autowired public void configureGlobal(AuthenticationManagerBuilder auth)
  
  Configure things we plug into.
  
  Parameters:
  
  auth - The authentication manager builder to configure.
- securityFilter
  
  @Bean @Role(1) public SecurityFilterChain securityFilter(HttpSecurity http) throws Exception
  
  Define our main security controls.
  
  Parameters:
  
  http - Used to build the filter chain.
  
  Returns:
  
  The filter chain that implements the controls.
  
  Throws:
  
  Exception - If anything goes wrong with setting up. Not expected.

Class SecurityConfig

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Details

Constructor Details

Method Details