Integration with other modules

AcrossWebModule

Admin web creates its own PrefixingRequestMappingHandlerMapping that picks up all @AdminWebController and will prefix all request mappings with the root path of the admin web module.

Provide an AdminWebConfigurerAdapter if you want to register interceptors that should only be applied to the admin web controllers.

SpringSecurityModule

By default AdminWebModule adds a SpringWebSecurityConfigurerAdapter with default rules for all requests under the admin web root. If you wish to modify the default security rules, you must provide your own SpringWebSecurityConfigurerAdapter that is positioned before the default AdminWebSecurityConfiguration instance.

If you create a new SpringWebSecurityConfigurerAdapater you will need to scope it correctly to the admin web root path and provide all rules including things like login/logout and remember me. If you are interested more in extending the default configuration, you can extend AdminWebSecurityConfiguration and override the customizeAdminWebSecurity adapter method.

Example of disabling security headers on admin web
/**
 * Create a custom security configurer that extends from the
 * default AdminWebSecurityConfiguration but disables all
 * security headers.
 *
 * The @OrderInModule annotation will ensure that this
 * configurer will be positioned before the default configuration
 * once we add it to the AdminWebModule context.
 */
@Configuration
@OrderInModule(Ordered.HIGHEST_PRECEDENCE)
public class DisableAdminWebSecurityHeaders extends AdminWebSecurityConfiguration
{
	@Override
	protected void customizeAdminWebSecurity( HttpSecurity http ) throws Exception {
		http.headers().disable();
	}
}

...

// Add the custom security configuration to the AdminWebModule
AdminWebModule adminWebModule = new AdminWebModule();
adminWebModule.addApplicationContextConfigurer( DisableAdminWebSecurityHeaders.class );

ApplicationInfoModule

If the ApplicationInfoModule is present in the context, the configured application information will be used to set the default remember-me cookie name (based on the ApplicationInfo.getApplicationId()) and application title for the administration interface (based on the ApplicationInfo.getApplicationName() property).use DebugWebConfigurerAdapter to add interceptors only to debug web

« Configuration properties Integration with other modules Customizing Admin Web »