-
Notifications
You must be signed in to change notification settings - Fork 2
Apply security
CAS in the cloud LELEU Jérôme edited this page Aug 9, 2022
·
2 revisions
You can protect (authentication + authorization) the URLs of your web application/services by using the SecurityFilter.
>> Read the documentation to understand its behavior and the available options.
@Configuration
@ComponentScan(basePackages = "org.pac4j.springframework.web")
public class ApplicationConfig {
@Bean
public WebFilter securityFilter() {
return new SecurityFilter(config(), "MyClient", null, "securitypath");
}
@Bean
public Config config() {
...
final Clients clients = new Clients("http://localhost:8080/callback", ...);
final Config config = new Config(clients);
final PathMatcher matcher = new PathMatcher().excludePaths("/", "/callback", "/logout");
config.addMatcher("securitypath", matcher);
return config;
}
}The default internal components of the SecurityFilter are: SpringWebfluxSessionStore, SpringWebfluxHttpActionAdapter.INSTANCE, DefaultSecurityLogic.INSTANCE and SpringWebfluxWebContextFactory.INSTANCE.