java.lang.Object
- com.activeviam.risk.cfg.security.impl.ASecurityConfig

Direct Known Subclasses:

ActiveMonitorSecurityConfig, SecurityConfig
```
@EnableGlobalAuthentication
@Configuration
public abstract class ASecurityConfig
extends Object
```
Generic implementation for security configuration of a server hosting ActivePivot, or Content server or ActiveMonitor.
This class contains methods:
* To define authorized users, * To enable anonymous user access, * To configure the JWT filter, * To configure the security for Version service.

Author:

ActiveViam

Nested Class Summary

Nested Classes
Modifier and Type	Class	Description
`static class`	`ASecurityConfig.AJwtSecurityConfigurer`	Configuration for JWT.
`static class`	`ASecurityConfig.AVersionSecurityConfigurer`	Configuration for Version service to allow anyone to access this service
`static class`	`ASecurityConfig.AWebSecurityConfigurer`	Common configuration for `HttpSecurity`.

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`AP_COOKIE_NAME`
`static String`	`BASIC_AUTH_BEAN_NAME`
`protected com.qfs.server.cfg.IJwtConfig`	`jwtConfig`
`static String`	`PIVOT_USER`
`static String[]`	`PIVOT_USER_ROLES`
`static String`	`ROLE_ACTIVEMONITOR`
`static String`	`ROLE_ADMIN`
`static String`	`ROLE_CS_ROOT`
`static String`	`ROLE_KPI`	ROLE_KPI is added to users, to give them permission to read kpis created by other users in the content server In order to "share" kpis created in the content server, the kpi reader role is set to : ROLE_KPI
`static String`	`ROLE_TECH`
`static String`	`ROLE_USER`
`static boolean`	`useAnonymous`	Set to true to allow anonymous access
`static String`	`USER_ACTIVEMONITOR`
`static String[]`	`USERS`

Constructor Summary

Constructors
Constructor Description

ASecurityConfig()

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected static String[]`	`activeMonitorGrantedAuthorities()`	The authorities of the sentinel technical user
`com.quartetfs.biz.pivot.security.IAuthorityComparator`	`authorityComparator()`	[Bean] Comparator for user roles
`org.springframework.security.web.AuthenticationEntryPoint`	`basicAuthenticationEntryPoint()`	Returns the default `AuthenticationEntryPoint` to use for the fallback basic HTTP authentication.
`void`	`configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)`
`org.springframework.security.crypto.password.PasswordEncoder`	`passwordEncoder()`
`protected org.springframework.security.provisioning.UserDetailsManager`	`technicalUserDetailsService()`	Creates and returns the technical users (one for ActivePivot Live, one for ActivePivot) that can be used to authenticate the connections from ActivePivot Live or ActivePivot
`org.springframework.security.core.userdetails.UserDetailsService`	`userDetailsService()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - USERS
```
public static final String[] USERS
```
  - useAnonymous
```
public static final boolean useAnonymous
```
    Set to true to allow anonymous access
    
    See Also:
    
    Constant Field Values
  - BASIC_AUTH_BEAN_NAME
```
public static final String BASIC_AUTH_BEAN_NAME
```
    See Also:
    
    Constant Field Values
  - AP_COOKIE_NAME
```
public static final String AP_COOKIE_NAME
```
    See Also:
    
    Constant Field Values
  - ROLE_USER
```
public static final String ROLE_USER
```
    See Also:
    
    Constant Field Values
  - ROLE_ADMIN
```
public static final String ROLE_ADMIN
```
    See Also:
    
    Constant Field Values
  - ROLE_TECH
```
public static final String ROLE_TECH
```
    See Also:
    
    Constant Field Values
  - ROLE_CS_ROOT
```
public static final String ROLE_CS_ROOT
```
  - ROLE_ACTIVEMONITOR
```
public static final String ROLE_ACTIVEMONITOR
```
    See Also:
    
    Constant Field Values
  - USER_ACTIVEMONITOR
```
public static final String USER_ACTIVEMONITOR
```
    See Also:
    
    Constant Field Values
  - ROLE_KPI
```
public static final String ROLE_KPI
```
    ROLE_KPI is added to users, to give them permission to read kpis created by other users in the content server In order to "share" kpis created in the content server, the kpi reader role is set to : ROLE_KPI
    
    See Also:
    
    Constant Field Values
  - PIVOT_USER
```
public static final String PIVOT_USER
```
    See Also:
    
    Constant Field Values
  - PIVOT_USER_ROLES
```
public static final String[] PIVOT_USER_ROLES
```
  - jwtConfig
```
@Autowired
protected com.qfs.server.cfg.IJwtConfig jwtConfig
```
- Constructor Detail
  - ASecurityConfig
```
public ASecurityConfig()
```
- Method Detail
  - basicAuthenticationEntryPoint
```
@Bean(name="basicAuthenticationEntryPoint")
public org.springframework.security.web.AuthenticationEntryPoint basicAuthenticationEntryPoint()
```
    Returns the default AuthenticationEntryPoint to use for the fallback basic HTTP authentication.
    
    Returns:
    
    The default AuthenticationEntryPoint for the fallback HTTP basic authentication.
  - configureGlobal
```
@Autowired
public void configureGlobal(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder auth)
                     throws Exception
```
    Throws:
    
    Exception
  - userDetailsService
```
@Bean
public org.springframework.security.core.userdetails.UserDetailsService userDetailsService()
```
  - technicalUserDetailsService
```
protected org.springframework.security.provisioning.UserDetailsManager technicalUserDetailsService()
```
    Creates and returns the technical users (one for ActivePivot Live, one for ActivePivot) that can be used to authenticate the connections from ActivePivot Live or ActivePivot
    
    Returns:
    
    user data
  - authorityComparator
```
@Bean
public com.quartetfs.biz.pivot.security.IAuthorityComparator authorityComparator()
```
    [Bean] Comparator for user roles
    Defines the comparator used by:
    * com.quartetfs.biz.pivot.security.impl.ContextValueManager#setAuthorityComparator(IAuthorityComparator)
    * IJwtService
    
    Returns:
    
    a comparator that indicates which authority/role prevails over another. NOTICE - an authority coming AFTER another one prevails over this "previous" authority. This authority ordering definition is essential to resolve possible ambiguity when, for a given user, a context value has been defined in more than one authority applicable to that user. In such case, it is what has been set for the "prevailing" authority that will be effectively retained for that context value for that user.
  - activeMonitorGrantedAuthorities
```
protected static String[] activeMonitorGrantedAuthorities()
```
    The authorities of the sentinel technical user
    
    Returns:
    
    the authorities of the sentinel technical user
  - passwordEncoder
```
@Bean
public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()
```

Class ASecurityConfig

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

USERS

useAnonymous

BASIC_AUTH_BEAN_NAME

AP_COOKIE_NAME

ROLE_USER

ROLE_ADMIN

ROLE_TECH

ROLE_CS_ROOT

ROLE_ACTIVEMONITOR

USER_ACTIVEMONITOR

ROLE_KPI

PIVOT_USER

PIVOT_USER_ROLES

jwtConfig

Constructor Detail

ASecurityConfig

Method Detail

basicAuthenticationEntryPoint

configureGlobal

userDetailsService

technicalUserDetailsService

authorityComparator

activeMonitorGrantedAuthorities

passwordEncoder