io.micronaut.security.session

Class SecuritySessionConfigurationProperties

java.lang.Object

io.micronaut.security.session.SecuritySessionConfigurationProperties

All Implemented Interfaces:

Toggleable, ForbiddenRejectionUriProvider, UnauthorizedRejectionUriProvider, SecuritySessionConfiguration

@ConfigurationProperties(value="micronaut.security.session")
public class SecuritySessionConfigurationProperties
extends Object
implements SecuritySessionConfiguration, UnauthorizedRejectionUriProvider, ForbiddenRejectionUriProvider

Implementation of SecuritySessionConfiguration. Session-based Authentication configuration properties.

Since:

1.0

Author:

Sergio del Amo

Field Summary

Fields

Modifier and Type	Field and Description
static boolean	DEFAULT_ENABLED The default enable value.
static boolean	DEFAULT_LEGACYREJECTIONHANDLER Deprecated.
static String	DEFAULT_LOGINFAILURETARGETURL The default login failure target URL.
static String	DEFAULT_LOGINSUCCESSTARGETURL The default login success target URL.
static String	DEFAULT_LOGOUTTARGETURL The default login target URL.
static String	PREFIX

Constructor Summary

Constructors

Constructor and Description
SecuritySessionConfigurationProperties()

Method Summary

Modifier and Type	Method and Description
Optional<String>	getForbiddenRedirectUri()
Optional<String>	getForbiddenRedirectUri(HttpRequest<?> request)
String	getForbiddenTargetUrl()
String	getLoginFailureTargetUrl()
String	getLoginSuccessTargetUrl()
String	getLogoutTargetUrl()
Optional<String>	getUnauthorizedRedirectUri()
Optional<String>	getUnauthorizedRedirectUri(HttpRequest<?> request)
String	getUnauthorizedTargetUrl()
boolean	isEnabled()
boolean	isLegacyRejectionHandler()
void	setEnabled(boolean enabled) Sets whether the session config is enabled.
void	setForbiddenTargetUrl(String forbiddenTargetUrl) Sets the forbidden target URL.
void	setLegacyRejectionHandler(boolean legacyRejectionHandler) Decides whether the deprecated SessionSecurityFilterOrderProvider is loaded, instead of the new RedirectRejectionHandler.
void	setLoginFailureTargetUrl(String loginFailureTargetUrl) Sets the login failure target URL.
void	setLoginSuccessTargetUrl(String loginSuccessTargetUrl) Sets the login success target URL.
void	setLogoutTargetUrl(String logoutTargetUrl) Sets the logout target URL.
void	setUnauthorizedTargetUrl(String unauthorizedTargetUrl) Sets the unauthorized target URL.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PREFIX

public static final String PREFIX

See Also:

Constant Field Values

DEFAULT_ENABLED

public static final boolean DEFAULT_ENABLED

The default enable value.

See Also:

Constant Field Values

DEFAULT_LOGINSUCCESSTARGETURL

public static final String DEFAULT_LOGINSUCCESSTARGETURL

The default login success target URL.

See Also:

Constant Field Values

DEFAULT_LOGINFAILURETARGETURL

public static final String DEFAULT_LOGINFAILURETARGETURL

The default login failure target URL.

See Also:

Constant Field Values

DEFAULT_LOGOUTTARGETURL

public static final String DEFAULT_LOGOUTTARGETURL

The default login target URL.

See Also:

Constant Field Values

DEFAULT_LEGACYREJECTIONHANDLER

@Deprecated
public static final boolean DEFAULT_LEGACYREJECTIONHANDLER

Deprecated.

The default value to disable rejection handler.

See Also:

Constant Field Values

Constructor Detail

SecuritySessionConfigurationProperties

public SecuritySessionConfigurationProperties()

Method Detail

isLegacyRejectionHandler

public boolean isLegacyRejectionHandler()

Specified by:

isLegacyRejectionHandler in interface SecuritySessionConfiguration

Returns:

If true the deprecated SessionSecurityFilterOrderProvider is loaded, instead of the new RedirectRejectionHandler

setLegacyRejectionHandler

public void setLegacyRejectionHandler(boolean legacyRejectionHandler)

Decides whether the deprecated SessionSecurityFilterOrderProvider is loaded, instead of the new RedirectRejectionHandler. Defaults to (true).

Parameters:

legacyRejectionHandler - whether the deprecated SessionSecurityFilterOrderProvider is loaded

isEnabled

public boolean isEnabled()

Specified by:

isEnabled in interface Toggleable

Returns:

Whether the component is enabled

getLoginSuccessTargetUrl

public String getLoginSuccessTargetUrl()

Specified by:

getLoginSuccessTargetUrl in interface SecuritySessionConfiguration

Returns:

String to be parsed into a URI which represents where the user is redirected to after a successful login.

getLogoutTargetUrl

public String getLogoutTargetUrl()

Specified by:

getLogoutTargetUrl in interface SecuritySessionConfiguration

Returns:

String to be parsed into a URI which represents where the user is redirected to after logout.

getLoginFailureTargetUrl

public String getLoginFailureTargetUrl()

Specified by:

getLoginFailureTargetUrl in interface SecuritySessionConfiguration

Returns:

String to be parsed into a URI which represents where the user is redirected to after a failed login.

getUnauthorizedTargetUrl

public String getUnauthorizedTargetUrl()

Specified by:

getUnauthorizedTargetUrl in interface SecuritySessionConfiguration

Returns:

String to be parsed into a URI which represents where the user is redirected to after trying to access a secured route.

getForbiddenTargetUrl

public String getForbiddenTargetUrl()

Specified by:

getForbiddenTargetUrl in interface SecuritySessionConfiguration

Returns:

String to be parsed into a URI which represents where the user is redirected to after trying to access a secured route for which the does not have sufficient roles.

setLoginSuccessTargetUrl

public void setLoginSuccessTargetUrl(String loginSuccessTargetUrl)

Sets the login success target URL. Default value ("/").

Parameters:

loginSuccessTargetUrl - The URL

setLoginFailureTargetUrl

public void setLoginFailureTargetUrl(String loginFailureTargetUrl)

Sets the login failure target URL. Default value ("/").

Parameters:

loginFailureTargetUrl - The URL

setLogoutTargetUrl

public void setLogoutTargetUrl(String logoutTargetUrl)

Sets the logout target URL. Default value ("/").

Parameters:

logoutTargetUrl - The URL

setUnauthorizedTargetUrl

public void setUnauthorizedTargetUrl(String unauthorizedTargetUrl)

Sets the unauthorized target URL.

Parameters:

unauthorizedTargetUrl - The URL

setForbiddenTargetUrl

public void setForbiddenTargetUrl(String forbiddenTargetUrl)

Sets the forbidden target URL.

Parameters:

forbiddenTargetUrl - The URL

setEnabled

public void setEnabled(boolean enabled)

Sets whether the session config is enabled. Default value (false).

Parameters:

enabled - True if it is enabled

getUnauthorizedRedirectUri

public Optional<String> getUnauthorizedRedirectUri()

Returns:

A uri to redirect to when a user tries to access a secured resource without authentication.

getUnauthorizedRedirectUri

public Optional<String> getUnauthorizedRedirectUri(HttpRequest<?> request)

Specified by:

getUnauthorizedRedirectUri in interface UnauthorizedRejectionUriProvider

Parameters:

request - HttpRequest being processed

Returns:

A uri to redirect to when a user tries to access a secured resource without authentication.

getForbiddenRedirectUri

public Optional<String> getForbiddenRedirectUri()

Returns:

A uri to redirect to when an authenticated user tries to access a resource for which he does not have the required authorization level.

getForbiddenRedirectUri

public Optional<String> getForbiddenRedirectUri(HttpRequest<?> request)

Specified by:

getForbiddenRedirectUri in interface ForbiddenRejectionUriProvider

Parameters:

request - HttpRequest being processed

Returns:

A uri to redirect to when an authenticated user tries to access a resource for which he does not have the required authorization level.