Class SplibWebSecurityConfigForAdmin

java.lang.Object
jp.ecuacion.splib.web.config.SplibWebSecurityConfigForAdmin
public abstract class SplibWebSecurityConfigForAdmin extends Object
Provides the abstract SecurityConfig class for admin.

Since using this class is not mandatory in the library, it's abstract and It has no annotations to be recognized as it. If you want to use this, create a new class which extends it and put class annotations on the new class: Configuration and EnableWebSecurity.

  • Field Details

    • ADMIN_FULL_ACCESS

      public static final String ADMIN_FULL_ACCESS
      Defines the string for the role "ACCOUNT_FULL_ACCESS".
      See Also:

  • Constructor Details

    • SplibWebSecurityConfigForAdmin

      public SplibWebSecurityConfigForAdmin()

  • Method Details

    • getDefaultSuccessUrl

      protected abstract String getDefaultSuccessUrl()
      Returns the url when the login procedure successfully ended.

    • getLoginNeededPage

      protected abstract String getLoginNeededPage()
      Returns the url when the login needed page when there is no logged in account in the session.

    • getRoleInfo

      protected abstract List<AuthorizationBean> getRoleInfo()
      Returns the role list of AuthorizationBean.

      There's a reserved role: ACCOUNT_FULL_ACCESS. This offers full access to /account/** so it's easily used for admin user or power user.

      Returns:
      the role list of AuthorizationBean

    • getAuthorityInfo

      protected abstract List<AuthorizationBean> getAuthorityInfo()
      Returns the authority list of AuthorizationBean.
      Returns:
      the authority list of AuthorizationBean

    • getAccessDeniedPage

      protected abstract String getAccessDeniedPage()
      Returns the url when the access denied page is accessed.

      This happens in the case of non-exist url access and csrf token error.