Class SecurityConfig
java.lang.Object
uk.ac.manchester.spinnaker.alloc.security.SecurityConfig
@EnableWebSecurity
@Role(0)
@EnableMethodSecurity(prePostEnabled=true)
public class SecurityConfig
extends Object
The security and administration configuration of the service.
Note: role expressions (IS_USER
and
IS_ADMIN
) must be applied (with @
PreAuthorize
) to
interfaces of classes (or methods of those interfaces) that are
Spring Beans in order for the security interception to be applied correctly.
This is the only combination that is known to work reliably.
- Author:
- Donal Fellows
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
How to assert that a user must be an admin.static final String
How to assert that a user must be an admin.static final String
How to assert that a user must be able to read summaries.static final String
How to assert that a user must be able to make jobs and read job details in depth.static final String
How to filter out job details that a given user may see (or not). -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
Configure things we plug into.securityFilter
(HttpSecurity http) Define our main security controls.
-
Field Details
-
IS_ADMIN
How to assert that a user must be an admin.- See Also:
-
IS_NMPI_EXEC
How to assert that a user must be an admin.- See Also:
-
IS_READER
How to assert that a user must be able to read summaries.- See Also:
-
MAY_SEE_JOB_DETAILS
How to filter out job details that a given user may see (or not).- See Also:
-
IS_USER
How to assert that a user must be able to make jobs and read job details in depth.- See Also:
-
-
Constructor Details
-
SecurityConfig
public SecurityConfig()
-
-
Method Details
-
configureGlobal
Configure things we plug into.- Parameters:
auth
- The authentication manager builder to configure.
-
securityFilter
Define our main security controls.- Parameters:
http
- Used to build the filter chain.- Returns:
- The filter chain that implements the controls.
- Throws:
Exception
- If anything goes wrong with setting up. Not expected.
-