properties
configCas.cas_loginUrl = https://sso.example.com/cas/login
configCas.cas_protocol = CAS30
configOidc.oidc_discoveryURI = https://oidc.example.com/.well-known/openid-configuration
configOidc.oidc_clientId = your_client_id
configOidc.oidc_clientSecret = your_client_secret
configClients.cas = org.pac4j.cas.client.CasClient
configClients.cas.loginUrl = $configCas.cas_loginUrl
configClients.cas.protocol = $configCas.cas_protocol
configClients.oidc = org.pac4j.oidc.client.OidcClient
configClients.oidc.discoveryURI = $configOidc.oidc_discoveryURI
configClients.oidc.clientId = $configOidc.oidc_clientId
configClients.oidc.clientSecret = $configOidc.oidc_clientSecret
configAuthorizers.authorizer = org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer
configAuthorizers.authorizer.roles = ROLE_USER, ROLE_ADMIN
configClients.securityHeaders.hsts = false
configClients.securityHeaders.hpkpReportOnly = false
configClients.securityHeaders.contentSecurityPolicy = default-src 'self'
config.httpActionAdapter = org.pac4j.core.http.adapter.J2EHttpActionAdapter
config.filters = cas, oidc
config.clients = cas, oidc
config.authorizers = authorizer
config.securityHeaders = securityHeaders
import org.pac4j.core.config.Config;
import org.pac4j.springframework.web.SecurityInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class SecurityConfig implements WebMvcConfigurer {
@Autowired
private Config config;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(securityInterceptor());
}
@Bean
public SecurityInterceptor securityInterceptor() {
return new SecurityInterceptor(config, "config");
}
}