@startuml spring-security-ServerHttpSecurity
' Class diagram of the ServerHttpSecurity configuration DSL and the nested
' *Spec types declared below. This first section is presentation only.

' Flat rendering: no drop shadows, white class boxes.
skinparam Shadowing false
skinparam class {
  BackgroundColor White
}

' Classes that list no members are drawn without empty compartments.
hide empty members
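' Entry point of the DSL. Each no-argument method returns the nested spec that
' configures one concern; the specs' and()/disable() methods return to this class.
' Names corrected to the upstream Spring Security API: SecurityWebFiltersOrder,
' CsrfSpec, CorsSpec and headers().
class ServerHttpSecurity {
  ' Custom WebFilter registration; the order value positions the filter
  ' relative to the built-in security filters.
  + ServerHttpSecurity addFilterAt(WebFilter webFilter, SecurityWebFiltersOrder order)
  + ServerHttpSecurity addFilterBefore(WebFilter webFilter, SecurityWebFiltersOrder order)
  + ServerHttpSecurity addFilterAfter(WebFilter webFilter, SecurityWebFiltersOrder order)

  ' Cross-site request protections.
  + CsrfSpec csrf()
  + CorsSpec cors()

  ' Authentication mechanisms.
  + AnonymousSpec anonymous()
  + HttpBasicSpec httpBasic()
  + PasswordManagementSpec passwordManagement()
  + FormLoginSpec formLogin()
  + X509Spec x509()
  + OAuth2LoginSpec oauth2Login()
  + OAuth2ClientSpec oauth2Client()
  + OAuth2ResourceServerSpec oauth2ResourceServer()

  ' Security response headers (HSTS, CSP, frame options, ...).
  + HeaderSpec headers()

  ' Error handling, authorization rules and session-related behaviour.
  + ExceptionHandlingSpec exceptionHandling()
  + AuthorizeExchangeSpec authorizeExchange()
  + LogoutSpec logout()
  + RequestCacheSpec requestCache()

  ' Shared authentication manager; HttpBasicSpec and FormLoginSpec also accept
  ' their own manager through a method of the same name.
  + ServerHttpSecurity authenticationManager(ReactiveAuthenticationManager manager)
}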
' Authorization rules per exchange. The matcher methods come from
' AbstractServerWebExchangeMatcherRegistry; each returns an Access on which the
' rule for the matched exchanges is chosen.
class AuthorizeExchangeSpec {
  ' Returns to the enclosing ServerHttpSecurity builder.
  + ServerHttpSecurity and()
  ' Catch-all matcher; the rule chosen on it applies to every exchange it
  ' matches, so it is worth checking that it does not end in permitAll().
  + Access anyExchange()
}
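' The decision applied to the exchanges selected by the preceding matcher.
' Every method returns the AuthorizeExchangeSpec so further rules can be chained.
class Access {
  ' permitAll() lets unauthenticated requests through; denyAll() rejects everyone.
  + AuthorizeExchangeSpec permitAll()
  + AuthorizeExchangeSpec denyAll()

  ' In Spring Security the hasRole variants add the "ROLE_" prefix to the given
  ' name, while the hasAuthority variants compare the authority string as given.
  + AuthorizeExchangeSpec hasRole(String role)
  + AuthorizeExchangeSpec hasAnyRole(String... roles)
  + AuthorizeExchangeSpec hasAuthority(String authority)
  + AuthorizeExchangeSpec hasAnyAuthority(String... authorities)

  ' Any authenticated principal, regardless of authorities.
  + AuthorizeExchangeSpec authenticated()

  ' Custom decision. The parameter is an authorization manager:
  ' ReactiveAuthenticationManager is not generic and verifies credentials,
  ' whereas ReactiveAuthorizationManager<AuthorizationContext> decides access.
  + AuthorizeExchangeSpec access(ReactiveAuthorizationManager<AuthorizationContext> manager)
}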
' Generic base that selects which exchanges a rule applies to. T is the type
' handed back after a matcher is chosen.
abstract AbstractServerWebExchangeMatcherRegistry<T> {
  ' Matches every exchange.
  + T anyExchange()

  ' Path-based selection, optionally narrowed to one HTTP method. A rule given
  ' only for one method leaves the other methods on the same path to later rules.
  + T pathMatchers(HttpMethod method)
  + T pathMatchers(HttpMethod method, String... paths)
  + T pathMatchers(String... paths)

  ' Arbitrary caller-supplied matchers.
  + T matchers(ServerWebExchangeMatcher... matchers)
}
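' HTTP Basic authentication settings. Basic credentials travel with every
' request, so this mechanism is normally paired with TLS.
class HttpBasicSpec {
  + HttpBasicSpec authenticationManager(ReactiveAuthenticationManager manager)
  ' Type name corrected to ServerSecurityContextRepository, the same type
  ' FormLoginSpec.securityContextRepository takes in this diagram.
  + HttpBasicSpec securityContextRepository(ServerSecurityContextRepository repository)
  + HttpBasicSpec authenticationEntryPoint(ServerAuthenticationEntryPoint entryPoint)
  ' and() keeps the configuration and returns to the builder; disable() turns
  ' HTTP Basic off.
  + ServerHttpSecurity and()
  + ServerHttpSecurity disable()
}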
' Password-management settings: the path of the application's change-password page.
class PasswordManagementSpec {
  + PasswordManagementSpec changePasswordPage(String path)
  ' Returns to the enclosing ServerHttpSecurity builder.
  + ServerHttpSecurity and()
}
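' Form-based login settings: who authenticates, which requests count as a login
' attempt, where the context is stored, and what happens on success or failure.
class FormLoginSpec {
  + FormLoginSpec authenticationManager(ReactiveAuthenticationManager manager)
  + FormLoginSpec authenticationSuccessHandler(ServerAuthenticationSuccessHandler handler)
  ' Method name corrected to lower camel case (loginPage), matching every other
  ' method in the diagram and the upstream API.
  + FormLoginSpec loginPage(String path)
  + FormLoginSpec authenticationEntryPoint(ServerAuthenticationEntryPoint entryPoint)
  + FormLoginSpec requiresAuthenticationMatcher(ServerWebExchangeMatcher matcher)
  + FormLoginSpec authenticationFailureHandler(ServerAuthenticationFailureHandler handler)
  + FormLoginSpec securityContextRepository(ServerSecurityContextRepository repository)
  ' and() keeps the configuration and returns to the builder; disable() turns
  ' form login off.
  + ServerHttpSecurity and()
  + ServerHttpSecurity disable()
}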
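' Settings for the Authentication assigned to requests that carry no
' credentials. The authorities given here are what the Access rules see for
' such requests, so they should stay minimal.
class AnonymousSpec {
  + AnonymousSpec key(String name)
  + AnonymousSpec principal(Object principal)
  + AnonymousSpec authorities(List<GrantedAuthority> authorities)
  ' Parameter type corrected from the typo "Stirng" to String.
  + AnonymousSpec authorities(String... authorities)
  + AnonymousSpec authenticationFilter(AnonymousAuthenticationWebFilter filter)
  ' and() keeps the configuration and returns to the builder; disable() turns
  ' anonymous authentication off.
  + ServerHttpSecurity and()
  + ServerHttpSecurity disable()
}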
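' Security response headers. Each accessor returns the spec for one header;
' the per-header disable() methods switch that header off, so each use of them
' deserves a reason in the configuration.
class HeaderSpec {
  ' Returns to the enclosing ServerHttpSecurity builder.
  + ServerHttpSecurity and()
  + CacheSpec cache()
  + ContentTypeOptionsSpec contentTypeOptions()
  + FrameOptionsSpec frameOptions()
  ' Registers a caller-supplied header writer.
  + HeaderSpec writer(ServerHttpHeadersWriter writer)
  + HstsSpec hsts()
  + XssProtectionSpec xssProtection()
  + ContentSecurityPolicySpec contentSecurityPolicy(String policy)
  ' Method names corrected to the upstream spelling: permissionsPolicy() and
  ' referrerPolicy(). The return types keep this diagram's class names
  ' (upstream: PermissionsPolicySpec, ReferrerPolicySpec) so that they still
  ' resolve to the classes and relationship lines declared elsewhere in the file.
  + PermissionPolicySpec permissionsPolicy()
  + RefererPolicySpec referrerPolicy()
}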
' Cache-control response headers. The only option shown is turning them off;
' without them, responses that hold user data may be kept by intermediate or
' browser caches.
class CacheSpec {
  + HeaderSpec disable()
}
' X-Content-Type-Options header (nosniff). The only option shown is turning it
' off, which lets browsers go back to guessing content types.
class ContentTypeOptionsSpec {
  + HeaderSpec disable()
}
' Strict-Transport-Security header settings.
class HstsSpec {
  ' How long browsers remember to use HTTPS only.
  + HstsSpec maxAge(Duration duration)
  ' includeSubdomains and preload widen the policy beyond this host and are
  ' slow to undo once browsers have cached it; enable them only when every
  ' subdomain serves HTTPS.
  + HstsSpec includeSubdomains(boolean include)
  + HstsSpec preload(boolean preload)
  ' and() keeps the settings; disable() stops the header from being sent.
  + HeaderSpec and()
  + HeaderSpec disable()
}
' X-XSS-Protection header. The only option shown is turning it off. Current
' browsers largely ignore this legacy header; a Content-Security-Policy is the
' control that actually limits script injection.
class XssProtectionSpec {
  + HeaderSpec disable()
}
' Content-Security-Policy header settings.
class ContentSecurityPolicySpec {
  ' Report-only mode makes the browser report violations without blocking
  ' them, so it is a rollout aid rather than an enforcing configuration.
  + HeaderSpec reportOnly(boolean report)
  ' The policy string is sent as given; nothing in this diagram suggests it is
  ' validated.
  + HeaderSpec policyDirectives(String policyDirective)
  + HeaderSpec and()
}
' Permissions-Policy header settings (which browser features the page may use).
' NOTE(review): upstream names this class PermissionsPolicySpec; the diagram's
' spelling is kept here because other lines of the file refer to it.
class PermissionPolicySpec {
  + PermissionPolicySpec policy(String policy)
  ' Returns to the enclosing HeaderSpec.
  + HeaderSpec and()
}
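' Referrer-Policy header settings (how much of the URL is disclosed to other
' sites in the Referer request header).
' NOTE(review): upstream names this class ReferrerPolicySpec; the diagram's
' spelling is kept here because other lines of the file refer to it.
class RefererPolicySpec {
  ' Parameter type corrected to ReferrerPolicy, the upstream enum name.
  + RefererPolicySpec policy(ReferrerPolicy policy)
  ' Returns to the enclosing HeaderSpec.
  + HeaderSpec and()
}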
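' Relationships. In a "+" link the "+" end marks the enclosing class and the
' other end the nested one; the number of dashes only affects layout.

ServerHttpSecurity +-- AuthorizeExchangeSpec
' AuthorizeExchangeSpec extends the matcher registry, so the link is drawn as
' generalization (<|-) instead of a plain directed association (<-).
AbstractServerWebExchangeMatcherRegistry <|- AuthorizeExchangeSpec
AuthorizeExchangeSpec +-- Access
ServerHttpSecurity +-- HttpBasicSpec
PasswordManagementSpec -+ ServerHttpSecurity
ServerHttpSecurity +--- FormLoginSpec
ServerHttpSecurity +- AnonymousSpec
HeaderSpec --+ ServerHttpSecurity

' Per-header specs nested in HeaderSpec.
CacheSpec --+ HeaderSpec
ContentTypeOptionsSpec --+ HeaderSpec
HstsSpec -+ HeaderSpec
XssProtectionSpec --+ HeaderSpec
' The original put the "+" on the ContentSecurityPolicySpec end, which drew
' HeaderSpec as nested inside it; the marker belongs on the HeaderSpec end, as
' for the sibling specs.
HeaderSpec +- ContentSecurityPolicySpec
PermissionPolicySpec --+ HeaderSpec
RefererPolicySpec --+ HeaderSpec

@enduml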