diff options
Diffstat (limited to 'aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java')
-rw-r--r-- | aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java b/aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java index c92d818..e24013b 100644 --- a/aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java +++ b/aai-traversal/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java @@ -11,7 +11,7 @@ * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -23,6 +23,7 @@ * ============LICENSE_END========================================================= */ package org.onap.aai.rest.security; + import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver; import org.keycloak.adapters.springsecurity.KeycloakConfiguration; import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider; @@ -40,35 +41,36 @@ import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy; import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; import org.springframework.security.web.session.HttpSessionEventPublisher; + @Profile("keycloak") @KeycloakConfiguration @Import({KeycloakSpringBootConfigResolver.class}) public class WebSecurityConfig extends KeycloakWebSecurityConfigurerAdapter { @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) { - KeycloakAuthenticationProvider keycloakAuthenticationProvider - = keycloakAuthenticationProvider(); - keycloakAuthenticationProvider.setGrantedAuthoritiesMapper( - new SimpleAuthorityMapper()); + KeycloakAuthenticationProvider keycloakAuthenticationProvider = + keycloakAuthenticationProvider(); + keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper()); auth.authenticationProvider(keycloakAuthenticationProvider); } + @Bean public ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() { return new ServletListenerRegistrationBean<>(new HttpSessionEventPublisher()); } + @Bean @Override protected SessionAuthenticationStrategy sessionAuthenticationStrategy() { - return new RegisterSessionAuthenticationStrategy( - new SessionRegistryImpl()); + return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl()); } + @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); - http.authorizeRequests() - .antMatchers("/**") - .permitAll().and().csrf().disable(); + http.authorizeRequests().antMatchers("/**").permitAll().and().csrf().disable(); } + @Override public void configure(WebSecurity web) throws Exception { web.ignoring().regexMatchers("^.*/util/echo$"); |