|
|
@@ -19,11 +19,15 @@
|
|
|
package org.springframework.security.config.annotation.web.reactive;
|
|
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
+import org.springframework.context.ApplicationContext;
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
+import org.springframework.security.config.web.server.HttpSecurity;
|
|
|
import org.springframework.security.web.server.SecurityWebFilterChain;
|
|
|
import org.springframework.security.web.server.WebFilterChainFilter;
|
|
|
+import org.springframework.util.ObjectUtils;
|
|
|
|
|
|
+import java.util.Arrays;
|
|
|
import java.util.List;
|
|
|
|
|
|
/**
|
|
|
@@ -36,8 +40,27 @@ public class WebFluxSecurityConfiguration {
|
|
|
@Autowired(required = false)
|
|
|
private List<SecurityWebFilterChain> securityWebFilterChains;
|
|
|
|
|
|
+ @Autowired
|
|
|
+ ApplicationContext context;
|
|
|
+
|
|
|
@Bean
|
|
|
public WebFilterChainFilter springSecurityFilterChain() {
|
|
|
- return WebFilterChainFilter.fromSecurityWebFilterChainsList(securityWebFilterChains);
|
|
|
+ return WebFilterChainFilter.fromSecurityWebFilterChainsList(getSecurityWebFilterChains());
|
|
|
+ }
|
|
|
+
|
|
|
+ private List<SecurityWebFilterChain> getSecurityWebFilterChains() {
|
|
|
+ List<SecurityWebFilterChain> result = securityWebFilterChains;
|
|
|
+ if(ObjectUtils.isEmpty(result)) {
|
|
|
+ return defaultSecurityWebFilterChains();
|
|
|
+ }
|
|
|
+ return result;
|
|
|
+ }
|
|
|
+
|
|
|
+ private List<SecurityWebFilterChain> defaultSecurityWebFilterChains() {
|
|
|
+ HttpSecurity http = context.getBean(HttpSecurity.class);
|
|
|
+ http
|
|
|
+ .authorizeExchange()
|
|
|
+ .anyExchange().authenticated();
|
|
|
+ return Arrays.asList(http.build());
|
|
|
}
|
|
|
}
|
Rob Winch