001/* 002 * Copyright 2012-2018 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package org.springframework.boot.autoconfigure.security.servlet; 018 019import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; 020import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; 021import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; 022import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication.Type; 023import org.springframework.boot.autoconfigure.security.SecurityProperties; 024import org.springframework.context.annotation.Configuration; 025import org.springframework.core.annotation.Order; 026import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 027 028/** 029 * The default configuration for web security. It relies on Spring Security's 030 * content-negotiation strategy to determine what sort of authentication to use. If the 031 * user specifies their own {@link WebSecurityConfigurerAdapter}, this will back-off 032 * completely and the users should specify all the bits that they want to configure as 033 * part of the custom security configuration. 034 * 035 * @author Madhura Bhave 036 * @since 2.0.0 037 */ 038@Configuration 039@ConditionalOnClass(WebSecurityConfigurerAdapter.class) 040@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class) 041@ConditionalOnWebApplication(type = Type.SERVLET) 042public class SpringBootWebSecurityConfiguration { 043 044 @Configuration 045 @Order(SecurityProperties.BASIC_AUTH_ORDER) 046 static class DefaultConfigurerAdapter extends WebSecurityConfigurerAdapter { 047 048 } 049 050}