Package edu.ucsb.cs156.example.config

Class SecurityConfig

java.lang.Object
edu.ucsb.cs156.example.config.SecurityConfig
@Configuration @EnableWebSecurity @EnableMethodSecurity public class SecurityConfig extends Object
The `SecurityConfig` class in Java configures web security with OAuth2 login, CSRF protection, and role-based authorization based on user email addresses.

  • Constructor Summary Link icon

    Constructors
    Constructor
    Description
    SecurityConfig()
     

  • Method Summary Link icon

    Modifier and Type
    Method
    Description
    org.springframework.security.web.SecurityFilterChain
    filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
    The `filterChain` method in this Java code configures various security settings for an HTTP request, including authorization, exception handling, OAuth2 login, CSRF protection, and logout behavior.
    boolean
    getAdmin(String email)
    This method checks if the given email belongs to an admin user either from a predefined list or by querying the user repository.
    org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer
    webSecurityCustomizer()
    The `webSecurityCustomizer` method is used to configure web security in Java, specifically ignoring requests to the "/h2-console/**" path.

    Methods inherited from class java.lang.Object Link icon

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details Link icon

    • SecurityConfig Link icon

      public SecurityConfig()

  • Method Details Link icon

    • filterChain Link icon

      @Bean public org.springframework.security.web.SecurityFilterChain filterChain(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      The `filterChain` method in this Java code configures various security settings for an HTTP request, including authorization, exception handling, OAuth2 login, CSRF protection, and logout behavior.
      Parameters:
      http - injected HttpSecurity object (injected by Spring framework) //
      Throws:
      Exception

    • webSecurityCustomizer Link icon

      @Bean public org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer webSecurityCustomizer()
      The `webSecurityCustomizer` method is used to configure web security in Java, specifically ignoring requests to the "/h2-console/**" path.

    • getAdmin Link icon

      public boolean getAdmin(String email)
      This method checks if the given email belongs to an admin user either from a predefined list or by querying the user repository.
      Parameters:
      email - email address of the user
      Returns:
      whether the user with the given email is an admin