Package energy.eddie.core

Class CoreSecurityConfig

java.lang.Object
energy.eddie.core.CoreSecurityConfig
@Configuration @EnableWebSecurity public class CoreSecurityConfig extends Object

  • Constructor Details

    • CoreSecurityConfig

      public CoreSecurityConfig()

  • Method Details

    • coreSecurityFilterChain

      @Bean public org.springframework.security.web.SecurityFilterChain coreSecurityFilterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http, org.springframework.web.cors.CorsConfigurationSource corsConfigurationSource) throws Exception
      Add a custom security filter chain for core, otherwise Spring will create a default one.
      Throws:
      Exception

    • userDetailsService

      @Bean public org.springframework.security.provisioning.InMemoryUserDetailsManager userDetailsService(@Value("${outbound-connector.admin.console.login.mode:false}") String loginMode, @Value("${outbound-connector.admin.console.login.username:admin}") String username, @Value("${outbound-connector.admin.console.login.encoded-password:$2a$10$qYTmwhGa3dd7Sl1CdXKKHOfmf0lNXL3L2k4CVhhm3CfY131hrcEyS}") String encodedPassword)
      Generate admin user for basic login to admin console or provide a custom InMemoryUserDetailsManager to avoid Spring auto-generating a user.

    • jwtUtil

      @Bean public JwtUtil jwtUtil(@Value("${eddie.jwt.hmac.secret}") String jwtHmacSecret, TimeoutConfiguration timeoutConfiguration)

    • corsConfigurationSource

      @Bean public org.springframework.web.cors.CorsConfigurationSource corsConfigurationSource(@Value("${eddie.cors.allowed-origins:}") String allowedCorsOrigins)

    • jwtHeaderAuthorizationManager

      @Bean public JwtAuthorizationManager jwtHeaderAuthorizationManager(JwtUtil jwtUtil)