Skip to content

Reactive doc points to unit tests #9157

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

Reactive doc points to unit tests #9157

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0c9ba3b
Reactive doc point to unit tests
gberche-orange Oct 27, 2020
818d90c
Add section about multiple chains support
gberche-orange Oct 29, 2020
b0761ef
Refine section about multiple chains support
gberche-orange Nov 2, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 58 additions & 0 deletions docs/manual/src/docs/asciidoc/_includes/reactive/webflux.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,3 +124,61 @@ class HelloWebfluxSecurityConfig {

This configuration explicitly sets up all the same things as our minimal configuration.
From here you can easily make the changes to the defaults.

You can find more examples of explicit configuration in unit tests, by searching https://github.com/spring-projects/spring-security/search?q=path%3Aconfig%2Fsrc%2Ftest%2F+EnableWebFluxSecurity[EnableWebFluxSecurity in the `config/src/test/` directory].

[[jc-webflux-multiple-filter-chains]]
=== Multiple chains support

We can configure multiple `SecurityWebFilterChain` instances.

For example, the following is an example of having a specific configuration for URL's that start with `/api/`. This overrides the form login configuration with lower precedence.

[source,java]
----
@EnableWebFluxSecurity
@Import(ReactiveAuthenticationTestConfiguration.class)
static class MultiSecurityHttpConfig {

@Order(Ordered.HIGHEST_PRECEDENCE) <1>
@Bean
SecurityWebFilterChain apiHttpSecurity(ServerHttpSecurity http) {
http
.securityMatcher(new PathPatternParserServerWebExchangeMatcher("/api/**")) <2>
.authorizeExchange()
.anyExchange().denyAll();
return http.build();
}

@Bean
SecurityWebFilterChain webFormHttpSecurity(ServerHttpSecurity http) { <3>
http
.authorizeExchange((exchanges) ->
exchanges
.pathMatchers("/login").permitAll()
.anyExchange().authenticated()
)
.httpBasic(withDefaults())
.formLogin((formLogin) -> <4>
formLogin
.loginPage("/login")
);
return http.build();
}

@Bean
public static ReactiveUserDetailsService userDetailsService() {
return new MapReactiveUserDetailsService(PasswordEncodedUser.user(), PasswordEncodedUser.admin());
}

}

----

<1> Configure a SecurityWebFilterChain with an `@Order` to specify which `SecurityWebFilterChain` should be considered first
<2> The `PathPatternParserServerWebExchangeMatcher` states that this `SecurityWebFilterChain` will only be applicable to URLs that start with `/api/`
<3> Create another instance of `SecurityWebFilterChain` with lower precedence.
<4> Some configurations applies to all path matchers within the `webFormHttpSecurity` but not to `apiHttpSecurity` `SecurityWebFilterChain`.

If the URL does not start with `/api/` the `webFormHttpSecurity` configuration will be used.