@startuml spring-security-httpsecurity
' Class diagram of Spring Security's HttpSecurity builder and the configurers it hands out.
' Rendering options only: flat white class boxes, and empty member compartments are hidden.
skinparam Shadowing false
skinparam class {
  BackgroundColor White
}
hide empty members
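' HttpSecurity: builder for one security filter chain. Each public method below returns
' the configurer (or registry) for one concern; the private members are the state the
' builder keeps (request matcher, ordered filters, authentication manager).
' Fixed spelling of two method names: securityContext() and oauth2ResourceServer().
' Review notes for readers who use this diagram as a configuration map:
'  - antMatcher()/mvcMatcher()/regexMatcher()/requestMatchers() decide which requests this
'    chain applies to at all; a request that matches no chain is not protected by it.
'  - authorizeRequests() is the older expression-based API; newer Spring Security releases
'    deprecate it in favour of authorizeHttpRequests().
'  - httpBasic() and formLogin() carry reusable credentials, so they are normally paired
'    with requiresChannel() or TLS enforced in front of the application.
class HttpSecurity {
  - RequestMatcherConfigurer requestMatcherConfigurer
  - List<OrderedFilter> filters
  - RequestMatcher requestMatcher
  - FilterOrderRegistration filterOrders
  - AuthenticationManager authenticationManager
  - ApplicationContext getContext()
  + HeadersConfigurer<HttpSecurity> headers()
  + CorsConfigurer<HttpSecurity> cors()
  + SessionManagementConfigurer<HttpSecurity> sessionManagement()
  + PortMapperConfigurer<HttpSecurity> portMapper()
  + JeeConfigurer<HttpSecurity> jee()
  + X509Configurer<HttpSecurity> x509()
  + RememberMeConfigurer<HttpSecurity> rememberMe()
  + ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests()
  + AuthorizeHttpRequestsConfigurer<HttpSecurity>.AuthorizationManagerRequestMatcherRegistry authorizeHttpRequests()
  + RequestCacheConfigurer<HttpSecurity> requestCache()
  + ExceptionHandlingConfigurer<HttpSecurity> exceptionHandling()
  + SecurityContextConfigurer<HttpSecurity> securityContext()
  + ServletApiConfigurer<HttpSecurity> servletApi()
  + CsrfConfigurer<HttpSecurity> csrf()
  + LogoutConfigurer<HttpSecurity> logout()
  + AnonymousConfigurer<HttpSecurity> anonymous()
  + FormLoginConfigurer<HttpSecurity> formLogin()
  + Saml2LoginConfigurer<HttpSecurity> saml2Login()
  + OAuth2LoginConfigurer<HttpSecurity> oauth2Login()
  + OAuth2ClientConfigurer<HttpSecurity> oauth2Client()
  + OAuth2ResourceServerConfigurer<HttpSecurity> oauth2ResourceServer()
  + ChannelSecurityConfigurer<HttpSecurity>.ChannelRequestMatcherRegistry requiresChannel()
  + HttpBasicConfigurer<HttpSecurity> httpBasic()
  + HttpSecurity passwordManagement(Customizer<PasswordManagementConfigurer<HttpSecurity>> customizer)
  + HttpSecurity authenticationManager(AuthenticationManager authenticationManager)
  + RequestMatcherConfigurer requestMatchers()
  + HttpSecurity antMatcher(String antPattern)
  + HttpSecurity mvcMatcher(String mvcPattern)
  + HttpSecurity regexMatcher(String pattern)
}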
' MvcMatchersRequestMatcherConfigurer: RequestMatcherConfigurer variant for MVC patterns.
' servletPath() qualifies the patterns with the servlet path they are matched under.
class MvcMatchersRequestMatcherConfigurer {
  + RequestMatcherConfigurer servletPath(String servletPath)
}
' RequestMatcherConfigurer: collects the matchers that scope an HttpSecurity instance.
' and() returns to the owning HttpSecurity so the fluent chain can continue.
class RequestMatcherConfigurer {
  # List<RequestMatcher> matchers
  + HttpSecurity and()
}
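' AbstractRequestMatcherRegistry<C>: base for every registry that maps request matchers
' to something (C is what each *Matchers call returns).
' Fixed: antMatchers(HttpMethod) was misspelled, and chainRequestMatchers takes a
' List<RequestMatcher>; parameter names are made consistently plural.
' Review notes:
'  - anyRequestConfigured records that anyRequest() was called; Spring Security rejects
'    further matchers after that point, so anyRequest() must be the last rule.
'  - Ant patterns are matched literally, while MVC patterns follow Spring MVC's own
'    matching. A rule written as antMatchers("/admin") may therefore leave variants such
'    as "/admin/" uncovered when MVC still routes them; prefer the MVC-aware form for
'    controller endpoints, and requestMatchers(...) on releases where the ant/mvc/regex
'    variants are deprecated or removed.
abstract class AbstractRequestMatcherRegistry<C> {
  -{static} RequestMatcher ANY_REQUEST
  - ApplicationContext context
  - boolean anyRequestConfigured
  + C anyRequest()
  + C antMatchers(HttpMethod method)
  + C antMatchers(HttpMethod method, String... antPatterns)
  + C antMatchers(String... antPatterns)
  +{abstract} C mvcMatchers(String... mvcPatterns)
  +{abstract} C mvcMatchers(HttpMethod method, String... mvcPatterns)
  + C regexMatchers(HttpMethod method, String... regexPatterns)
  + C regexMatchers(String... regexPatterns)
  + C dispatcherTypeMatchers(HttpMethod method, DispatcherType... dispatcherTypes)
  + C dispatcherTypeMatchers(DispatcherType... dispatcherTypes)
  + C requestMatchers(RequestMatcher... requestMatchers)
  #{abstract} C chainRequestMatchers(List<RequestMatcher> requestMatchers)
}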
' AbstractHttpConfigurer<T, B>: common parent of the per-feature configurers below.
' disable() removes the configurer from the builder B and returns B, so a call such as
' csrf().disable() switches that protection off for the whole chain. Treat every
' disable() in a configuration as a decision that needs a stated reason.
abstract class AbstractHttpConfigurer<T, B> {
  + B disable()
  + T withObjectPostProcessor(ObjectPostProcessor<?> processor)
}
' Adapter base class for SecurityConfigurer implementations: it holds the builder and
' and() hands it back so configuration calls can be chained.
' NOTE(review): Spring Security spells this class SecurityConfigurerAdapter. The
' identifier is kept as written here because the relationship lines at the end of the
' diagram refer to it by this exact name; rename both together.
abstract class SecurityConfigurerAdpter<O, B extends SecurityBuilder<O>> {
  - B securityBuilder
  + void configure(B builder)
  + B and()
  + void addObjectPostProcessor(ObjectPostProcessor<?> processor)
}
' SecurityConfigurer<O, B>: the two-phase contract every configurer fulfils.
' The builder calls init(B) and configure(B) on each registered configurer.
interface SecurityConfigurer<O, B extends SecurityBuilder<O>> {
  + void init(B builder)
  + void configure(B builder)
}
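' HeadersConfigurer: controls the security response headers written for the chain.
' Fixed to match the Spring Security API: defaultsDisabled() and
' PermissionsPolicyConfig permissionsPolicy().
' Review notes:
'  - defaultsDisabled() turns off every default header; anything still wanted
'    (HSTS, X-Content-Type-Options, frame options, cache control) must then be
'    re-enabled explicitly.
'  - httpPublicKeyPinning() configures HPKP, which major browsers no longer honour;
'    it gives no protection on current clients.
'  - xssProtection() sets the legacy X-XSS-Protection header; contentSecurityPolicy()
'    is the control that modern browsers actually enforce.
class HeadersConfigurer<H extends HttpSecurityBuilder<H>> {
  + HeadersConfigurer<H> addHeaderWriter(HeaderWriter headerWriter)
  + ContentTypeOptionsConfig contentTypeOptions()
  + XXssConfig xssProtection()
  + CacheControlConfig cacheControl()
  + HstsConfig httpStrictTransportSecurity()
  + FrameOptionsConfig frameOptions()
  + HpkpConfig httpPublicKeyPinning()
  + ContentSecurityPolicyConfig contentSecurityPolicy()
  + HeadersConfigurer<H> defaultsDisabled()
  + ReferrerPolicyConfig referrerPolicy()
  + ReferrerPolicyConfig referrerPolicy(ReferrerPolicy policy)
  + PermissionsPolicyConfig permissionsPolicy()
}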
' CorsConfigurer: plugs a CorsConfigurationSource into the chain.
' The source decides which origins, methods and headers are allowed; the combination of
' wildcard origins and allowed credentials is the setting to review first.
class CorsConfigurer<H extends HttpSecurityBuilder<H>> {
  + CorsConfigurer<H> configurationSource(CorsConfigurationSource source)
}
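' CsrfConfigurer: CSRF token storage and the set of requests that must carry a token.
' Fixed: the method is ignoringAntMatchers (plural) in the Spring Security API.
' Review note: ignoringAntMatchers()/ignoringRequestMatchers() exempt matching requests
' from CSRF checks, and requireCsrfProtectionMatcher() replaces the default rule
' altogether. Keep exemptions as narrow as possible and confirm that no state-changing,
' cookie-authenticated endpoint falls inside them.
class CsrfConfigurer<H extends HttpSecurityBuilder<H>> {
  + CsrfConfigurer<H> csrfTokenRepository(CsrfTokenRepository repo)
  + CsrfConfigurer<H> requireCsrfProtectionMatcher(RequestMatcher matcher)
  + CsrfConfigurer<H> ignoringAntMatchers(String... patterns)
  + CsrfConfigurer<H> ignoringRequestMatchers(RequestMatcher... matchers)
  + CsrfConfigurer<H> sessionAuthenticationStrategy(SessionAuthenticationStrategy strategy)
}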
' AnonymousConfigurer: how unauthenticated requests are represented.
' principal() and authorities() define what an anonymous caller looks like to the
' authorization rules, so any authority granted here applies to every unauthenticated
' request; key() identifies tokens created by this configuration.
class AnonymousConfigurer<H extends HttpSecurityBuilder<H>> {
  + AnonymousConfigurer<H> key(String key)
  + AnonymousConfigurer<H> principal(Object principal)
  + AnonymousConfigurer<H> authorities(List<GrantedAuthority> authorities)
  + AnonymousConfigurer<H> authorities(String... authorities)
  + AnonymousConfigurer<H> authenticationProvider(AuthenticationProvider provider)
  + AnonymousConfigurer<H> authenticationFilter(AnonymousAuthenticationFilter filter)
}
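' LogoutConfigurer: logout endpoint, what is cleaned up on logout, and where to go after.
' Fixed: the first parameter type of defaultLogoutSuccessHandlerFor is
' LogoutSuccessHandler (it was written with a lower-case initial).
' Review note: clearAuthentication(false) or invalidateHttpSession(false) leave
' authentication state behind after logout; deleteCookies() should list any
' application cookie that carries session or remember-me state.
class LogoutConfigurer<H extends HttpSecurityBuilder<H>> {
  + LogoutConfigurer<H> addLogoutHandler(LogoutHandler handler)
  + LogoutConfigurer<H> clearAuthentication(boolean clearAuthentication)
  + LogoutConfigurer<H> invalidateHttpSession(boolean invalidate)
  + LogoutConfigurer<H> logoutUrl(String url)
  + LogoutConfigurer<H> logoutRequestMatcher(RequestMatcher matcher)
  + LogoutConfigurer<H> logoutSuccessUrl(String url)
  + LogoutConfigurer<H> permitAll()
  + LogoutConfigurer<H> deleteCookies(String... names)
  + LogoutConfigurer<H> logoutSuccessHandler(LogoutSuccessHandler handler)
  + LogoutConfigurer<H> defaultLogoutSuccessHandlerFor(LogoutSuccessHandler handler, RequestMatcher matcher)
  + LogoutConfigurer<H> permitAll(boolean permitAll)
}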
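' RememberMeConfigurer: persistent-login ("remember me") cookie settings.
' Fixed spellings to match the Spring Security API: tokenValiditySeconds,
' userDetailsService, tokenRepository(PersistentTokenRepository), and the boolean
' parameter type of alwaysRemember.
' Review notes:
'  - key() identifies tokens issued by this application; it should be an
'    application-specific secret rather than a value shared between deployments.
'  - useSecureCookie(true) keeps the cookie off plain-HTTP requests.
'  - tokenValiditySeconds() bounds how long a stolen cookie stays usable;
'    tokenRepository() switches to persistent tokens stored on the server.
class RememberMeConfigurer<H extends HttpSecurityBuilder<H>> {
  + RememberMeConfigurer<H> tokenValiditySeconds(int sec)
  + RememberMeConfigurer<H> useSecureCookie(boolean secured)
  + RememberMeConfigurer<H> userDetailsService(UserDetailsService service)
  + RememberMeConfigurer<H> tokenRepository(PersistentTokenRepository repo)
  + RememberMeConfigurer<H> key(String key)
  + RememberMeConfigurer<H> rememberMeParameter(String param)
  + RememberMeConfigurer<H> rememberMeCookieName(String name)
  + RememberMeConfigurer<H> rememberMeCookieDomain(String domain)
  + RememberMeConfigurer<H> authenticationSuccessHandler(AuthenticationSuccessHandler handler)
  + RememberMeConfigurer<H> rememberMeServices(RememberMeServices service)
  + RememberMeConfigurer<H> alwaysRemember(boolean always)
}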
' FormLoginConfigurer: login page location, the names of the username/password request
' parameters, and the forward targets used after a failed or successful login.
class FormLoginConfigurer<H extends HttpSecurityBuilder<H>> {
  + FormLoginConfigurer<H> loginPage(String loginPage)
  + FormLoginConfigurer<H> usernameParameter(String param)
  + FormLoginConfigurer<H> passwordParameter(String param)
  + FormLoginConfigurer<H> failureForwardUrl(String url)
  + FormLoginConfigurer<H> successForwardUrl(String url)
}
' HttpBasicConfigurer: HTTP Basic authentication settings (realm name, entry point,
' authentication details source). Basic credentials travel with every request in a
' reversible encoding, so this mechanism depends on TLS for confidentiality.
class HttpBasicConfigurer<H extends HttpSecurityBuilder<H>> {
  + HttpBasicConfigurer<H> realmName(String name)
  + HttpBasicConfigurer<H> authenticationEntryPoint(AuthenticationEntryPoint entryPoint)
  + HttpBasicConfigurer<H> authenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?> source)
}
' ExceptionHandlingConfigurer: what happens when access is denied or authentication is
' required. The *For variants register a handler or entry point for requests that match
' the given RequestMatcher; the plain variants set the one used otherwise.
class ExceptionHandlingConfigurer<H extends HttpSecurityBuilder<H>> {
  + ExceptionHandlingConfigurer<H> accessDeniedPage(String url)
  + ExceptionHandlingConfigurer<H> accessDeniedHandler(AccessDeniedHandler handler)
  + ExceptionHandlingConfigurer<H> defaultAccessDeniedHandlerFor(AccessDeniedHandler handler, RequestMatcher matcher)
  + ExceptionHandlingConfigurer<H> authenticationEntryPoint(AuthenticationEntryPoint entryPoint)
  + ExceptionHandlingConfigurer<H> defaultAuthenticationEntryPointFor(AuthenticationEntryPoint entryPoint, RequestMatcher matcher)
}
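' Relationships. Arrow lengths are layout hints and are kept as the author chose them.
' Fixed three arrow styles so that solid lines mean "extends" and dotted lines mean
' "implements": RequestMatcherConfigurer extends AbstractRequestMatcherRegistry,
' the adapter class implements the SecurityConfigurer interface, and
' AbstractHttpConfigurer extends the adapter class.

' Request-matcher types; "--+" marks a class nested inside HttpSecurity.
MvcMatchersRequestMatcherConfigurer --|> RequestMatcherConfigurer
MvcMatchersRequestMatcherConfigurer --+ HttpSecurity
RequestMatcherConfigurer --+ HttpSecurity
AbstractRequestMatcherRegistry <|- RequestMatcherConfigurer

' Configurer hierarchy (the adapter identifier is spelled as in its declaration).
SecurityConfigurerAdpter ..|> SecurityConfigurer
AbstractHttpConfigurer --|> SecurityConfigurerAdpter

' HttpSecurity owns one configurer per feature.
HeadersConfigurer -* HttpSecurity
CorsConfigurer --* HttpSecurity
HttpSecurity *-- CsrfConfigurer
HttpSecurity *-- AnonymousConfigurer
HttpSecurity *-- LogoutConfigurer
HttpSecurity *-- RememberMeConfigurer
HttpSecurity *-- FormLoginConfigurer
HttpSecurity *- HttpBasicConfigurer
HttpSecurity *- ExceptionHandlingConfigurer

' Every feature configurer inherits disable() from AbstractHttpConfigurer.
HeadersConfigurer --|> AbstractHttpConfigurer
CorsConfigurer ----|> AbstractHttpConfigurer
AbstractHttpConfigurer <|- CsrfConfigurer
AnonymousConfigurer --|> AbstractHttpConfigurer
LogoutConfigurer -|> AbstractHttpConfigurer
RememberMeConfigurer --|> AbstractHttpConfigurer
FormLoginConfigurer --|> AbstractHttpConfigurer
HttpBasicConfigurer ----|> AbstractHttpConfigurer
ExceptionHandlingConfigurer --|> AbstractHttpConfigurer
@enduml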