Package io.micronaut.security.session
Class SecuritySessionConfigurationProperties
- java.lang.Object
-
- io.micronaut.security.session.SecuritySessionConfigurationProperties
-
- All Implemented Interfaces:
io.micronaut.core.util.Toggleable
,ForbiddenRejectionUriProvider
,UnauthorizedRejectionUriProvider
,SecuritySessionConfiguration
@ConfigurationProperties("micronaut.security.session") public class SecuritySessionConfigurationProperties extends java.lang.Object implements SecuritySessionConfiguration, UnauthorizedRejectionUriProvider, ForbiddenRejectionUriProvider
Implementation ofSecuritySessionConfiguration
. Session-based Authentication configuration properties.- Since:
- 1.0
- Author:
- Sergio del Amo
-
-
Field Summary
Fields Modifier and Type Field Description static boolean
DEFAULT_ENABLED
The default enable value.static boolean
DEFAULT_LEGACYREJECTIONHANDLER
Deprecated.static java.lang.String
DEFAULT_LOGINFAILURETARGETURL
The default login failure target URL.static java.lang.String
DEFAULT_LOGINSUCCESSTARGETURL
The default login success target URL.static java.lang.String
DEFAULT_LOGOUTTARGETURL
The default login target URL.static java.lang.String
PREFIX
-
Constructor Summary
Constructors Constructor Description SecuritySessionConfigurationProperties()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.util.Optional<java.lang.String>
getForbiddenRedirectUri()
java.util.Optional<java.lang.String>
getForbiddenRedirectUri(io.micronaut.http.HttpRequest<?> request)
java.lang.String
getForbiddenTargetUrl()
java.lang.String
getLoginFailureTargetUrl()
java.lang.String
getLoginSuccessTargetUrl()
java.lang.String
getLogoutTargetUrl()
java.util.Optional<java.lang.String>
getUnauthorizedRedirectUri()
java.util.Optional<java.lang.String>
getUnauthorizedRedirectUri(io.micronaut.http.HttpRequest<?> request)
java.lang.String
getUnauthorizedTargetUrl()
boolean
isEnabled()
boolean
isLegacyRejectionHandler()
void
setEnabled(boolean enabled)
Sets whether the session config is enabled.void
setForbiddenTargetUrl(java.lang.String forbiddenTargetUrl)
Sets the forbidden target URL.void
setLegacyRejectionHandler(boolean legacyRejectionHandler)
Decides whether the deprecatedSessionSecurityFilterOrderProvider
is loaded, instead of the newRedirectRejectionHandler
.void
setLoginFailureTargetUrl(java.lang.String loginFailureTargetUrl)
Sets the login failure target URL.void
setLoginSuccessTargetUrl(java.lang.String loginSuccessTargetUrl)
Sets the login success target URL.void
setLogoutTargetUrl(java.lang.String logoutTargetUrl)
Sets the logout target URL.void
setUnauthorizedTargetUrl(java.lang.String unauthorizedTargetUrl)
Sets the unauthorized target URL.
-
-
-
Field Detail
-
PREFIX
public static final java.lang.String PREFIX
- See Also:
- Constant Field Values
-
DEFAULT_ENABLED
public static final boolean DEFAULT_ENABLED
The default enable value.- See Also:
- Constant Field Values
-
DEFAULT_LOGINSUCCESSTARGETURL
public static final java.lang.String DEFAULT_LOGINSUCCESSTARGETURL
The default login success target URL.- See Also:
- Constant Field Values
-
DEFAULT_LOGINFAILURETARGETURL
public static final java.lang.String DEFAULT_LOGINFAILURETARGETURL
The default login failure target URL.- See Also:
- Constant Field Values
-
DEFAULT_LOGOUTTARGETURL
public static final java.lang.String DEFAULT_LOGOUTTARGETURL
The default login target URL.- See Also:
- Constant Field Values
-
DEFAULT_LEGACYREJECTIONHANDLER
@Deprecated public static final boolean DEFAULT_LEGACYREJECTIONHANDLER
Deprecated.The default value to disable rejection handler.- See Also:
- Constant Field Values
-
-
Method Detail
-
isLegacyRejectionHandler
public boolean isLegacyRejectionHandler()
- Specified by:
isLegacyRejectionHandler
in interfaceSecuritySessionConfiguration
- Returns:
- If true the deprecated
SessionSecurityFilterOrderProvider
is loaded, instead of the newRedirectRejectionHandler
-
setLegacyRejectionHandler
public void setLegacyRejectionHandler(boolean legacyRejectionHandler)
Decides whether the deprecatedSessionSecurityFilterOrderProvider
is loaded, instead of the newRedirectRejectionHandler
. Defaults to (true).- Parameters:
legacyRejectionHandler
- whether the deprecatedSessionSecurityFilterOrderProvider
is loaded
-
isEnabled
public boolean isEnabled()
- Specified by:
isEnabled
in interfaceio.micronaut.core.util.Toggleable
-
getLoginSuccessTargetUrl
public java.lang.String getLoginSuccessTargetUrl()
- Specified by:
getLoginSuccessTargetUrl
in interfaceSecuritySessionConfiguration
- Returns:
- String to be parsed into a URI which represents where the user is redirected to after a successful login.
-
getLogoutTargetUrl
public java.lang.String getLogoutTargetUrl()
- Specified by:
getLogoutTargetUrl
in interfaceSecuritySessionConfiguration
- Returns:
- String to be parsed into a URI which represents where the user is redirected to after logout.
-
getLoginFailureTargetUrl
public java.lang.String getLoginFailureTargetUrl()
- Specified by:
getLoginFailureTargetUrl
in interfaceSecuritySessionConfiguration
- Returns:
- String to be parsed into a URI which represents where the user is redirected to after a failed login.
-
getUnauthorizedTargetUrl
public java.lang.String getUnauthorizedTargetUrl()
- Specified by:
getUnauthorizedTargetUrl
in interfaceSecuritySessionConfiguration
- Returns:
- String to be parsed into a URI which represents where the user is redirected to after trying to access a secured route.
-
getForbiddenTargetUrl
public java.lang.String getForbiddenTargetUrl()
- Specified by:
getForbiddenTargetUrl
in interfaceSecuritySessionConfiguration
- Returns:
- String to be parsed into a URI which represents where the user is redirected to after trying to access a secured route for which the does not have sufficient roles.
-
setLoginSuccessTargetUrl
public void setLoginSuccessTargetUrl(java.lang.String loginSuccessTargetUrl)
Sets the login success target URL. Default value ("/").- Parameters:
loginSuccessTargetUrl
- The URL
-
setLoginFailureTargetUrl
public void setLoginFailureTargetUrl(java.lang.String loginFailureTargetUrl)
Sets the login failure target URL. Default value ("/").- Parameters:
loginFailureTargetUrl
- The URL
-
setLogoutTargetUrl
public void setLogoutTargetUrl(java.lang.String logoutTargetUrl)
Sets the logout target URL. Default value ("/").- Parameters:
logoutTargetUrl
- The URL
-
setUnauthorizedTargetUrl
public void setUnauthorizedTargetUrl(java.lang.String unauthorizedTargetUrl)
Sets the unauthorized target URL.- Parameters:
unauthorizedTargetUrl
- The URL
-
setForbiddenTargetUrl
public void setForbiddenTargetUrl(java.lang.String forbiddenTargetUrl)
Sets the forbidden target URL.- Parameters:
forbiddenTargetUrl
- The URL
-
setEnabled
public void setEnabled(boolean enabled)
Sets whether the session config is enabled. Default value (false).- Parameters:
enabled
- True if it is enabled
-
getUnauthorizedRedirectUri
public java.util.Optional<java.lang.String> getUnauthorizedRedirectUri()
- Returns:
- A uri to redirect to when a user tries to access a secured resource without authentication.
-
getUnauthorizedRedirectUri
public java.util.Optional<java.lang.String> getUnauthorizedRedirectUri(io.micronaut.http.HttpRequest<?> request)
- Specified by:
getUnauthorizedRedirectUri
in interfaceUnauthorizedRejectionUriProvider
- Parameters:
request
-HttpRequest
being processed- Returns:
- A uri to redirect to when a user tries to access a secured resource without authentication.
-
getForbiddenRedirectUri
public java.util.Optional<java.lang.String> getForbiddenRedirectUri()
- Returns:
- A uri to redirect to when an authenticated user tries to access a resource for which he does not have the required authorization level.
-
getForbiddenRedirectUri
public java.util.Optional<java.lang.String> getForbiddenRedirectUri(io.micronaut.http.HttpRequest<?> request)
- Specified by:
getForbiddenRedirectUri
in interfaceForbiddenRejectionUriProvider
- Parameters:
request
-HttpRequest
being processed- Returns:
- A uri to redirect to when an authenticated user tries to access a resource for which he does not have the required authorization level.
-
-