I want to implement Spring Security in a Spring application to download. I have done this before using my Spring 4.0 application using JavaConfig. However, I find some differences in the style of the given examples.
In my case, the user is pre-authenticated, and we have our own authorization mechanism that contains business activity.
In my previous application, I use to configure
<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter>
This filter would actually enable Spring protection in my application, which would launch the user token for further steps.
In the Spring boot reference documentation, I didn't get any trace of springSecurityFilterChain / DelegatingFilterProxy, so I got confused about how to start developing my module.
So the question is here, do I need to configure it manually? or was it taken into account in the autoconfiguration itself?
Secondly, I will need a lot of settings in Spring Security, so I do not need the functions provided by the w760 security system, like basic authentication. in this case, only creating my own bean with @EnableWebSecurity will disable the functionality?
Additional Information
4.2. Getting started with security namespace configuration This section will take a good look at how you can create a namespace configuration to take advantage of some basic structure features. Suppose you initially want to get up and running as quickly as possible, as well as add authentication support and access control to an existing web application with several test inputs. Then take a good look at how to switch to authentication with a database or other security repository. In the following sections, you will find more complex namespace configuration options.
4.2.1. Configuring web.xml The first thing you need to do is add the following filter declaration to the web.xml file:
<filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
This provides a binding to Spring's web security infrastructure. DelegatingFilterProxy is a Spring Framework class that delegates a filter implementation that is defined as a Spring bean in the context of your application. In this case, the bean is called "springSecurityFilterChain", which is the internal bean infrastructure created by the namespace to handle web security. Please note: you should not use this bean name yourself. Once you have added this to your web.xml, you are ready to start editing the application context file. Web security services are configured using the item.