Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rework FlowUI security configuration #3226

Closed
gorbunkov opened this issue May 6, 2024 · 1 comment · Fixed by #3182
Closed

Rework FlowUI security configuration #3226

gorbunkov opened this issue May 6, 2024 · 1 comment · Fixed by #3182
Assignees
@gorbunkov
Labels
in: flowui size: L
Projects
Jmix Roadmap

Comments

@gorbunkov
Copy link
Contributor

The io.jmix.securityflowui.FlowuiSecurityConfiguration contains the code copied from the com.vaadin.flow.spring.security.VaadinWebSecurity. This is because we couldn't extend the standard Vaadin behavior just by overriding the VaadinWebSecurity class.

It appears that now we can extend the VaadinWebSecurity class as described in Vaadin documentation.
@gorbunkov gorbunkov self-assigned this May 6, 2024
@gorbunkov gorbunkov linked a pull request May 6, 2024 that will close this issue
Rework FlowUI security configuration #3182
Merged
gorbunkov added a commit that referenced this issue May 6, 2024
@gorbunkov
Rework FlowUI security configuration #3226 (#3182)
54366db 
* Rework FlowUI security configuration

- FlowUI security configuration extends VaadinWebSecurity
- Screen access is implemented using the Navigation Access Control mechanism
- SecurityContext is being explicitly saved to the SecurityContextRepository (default Spring Security behavior)
- New OidcVaadinWebSecurity security configuration class for OIDC add-on
- AuthenticationContext.logout is used for logout instead of navigating to /logout
- SecurityContextHolderAtmosphereInterceptor is deprecated and disabled by default
- Deprecate UiViewAccessChecker
- Do not register bean for UiViewAccessCheckerInitializer
- Do not register DefaultFlowuiVaadinWebSecurity bean if any VaadinWebSecurity bean is already defined (e.g. from OIDC)
@gorbunkov
Copy link
Contributor Author

See implementation details in the related pull request: #3182

@knstvk knstvk added this to June 2024 release in Jmix Roadmap May 7, 2024
This was referenced May 14, 2024
Open
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gorbunkov gorbunkov

Labels
in: flowui size: L
Projects
Jmix Roadmap
June 2024 release
Release 2.3
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Rework FlowUI security configuration jmix-framework/jmix
1 participant
@gorbunkov