diff options
Diffstat (limited to 'cps-application/src')
-rw-r--r-- | cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java | 13 | ||||
-rw-r--r-- | cps-application/src/main/resources/application.yml | 2 |
2 files changed, 6 insertions, 9 deletions
diff --git a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java index aedc6a8d66..9b726ba75d 100644 --- a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java +++ b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java @@ -39,9 +39,7 @@ import org.springframework.security.web.SecurityFilterChain; @Configuration @EnableWebSecurity public class WebSecurityConfig { - private static final String USER_ROLE = "USER"; - private final String username; private final String password; private final String[] permitUris; @@ -54,9 +52,9 @@ public class WebSecurityConfig { * @param password password */ public WebSecurityConfig( - @Autowired @Value("${security.permit-uri}") final String permitUris, - @Autowired @Value("${security.auth.username}") final String username, - @Autowired @Value("${security.auth.password}") final String password + @Autowired @Value("${permit-uri}") final String permitUris, + @Autowired @Value("${security.auth.username}") final String username, + @Autowired @Value("${security.auth.password}") final String password ) { super(); this.permitUris = permitUris.isEmpty() ? new String[] {"/v3/api-docs"} : permitUris.split("\\s{0,9},\\s{0,9}"); @@ -80,12 +78,11 @@ public class WebSecurityConfig { http .httpBasic() .and() - .authorizeRequests() - .antMatchers(permitUris).permitAll() + .authorizeHttpRequests() + .requestMatchers(permitUris).permitAll() .anyRequest().authenticated() .and() .csrf().disable(); - return http.build(); } diff --git a/cps-application/src/main/resources/application.yml b/cps-application/src/main/resources/application.yml index 58748271cc..016356801d 100644 --- a/cps-application/src/main/resources/application.yml +++ b/cps-application/src/main/resources/application.yml @@ -140,10 +140,10 @@ springdoc: - name: cps-ncmp-inventory url: /api-docs/cps-ncmp/openapi-inventory.yaml +permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/** security: # comma-separated uri patterns which do not require authorization - permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/** auth: username: ${CPS_USERNAME} password: ${CPS_PASSWORD} |