aboutsummaryrefslogtreecommitdiffstats
path: root/cps-application/src
diff options
context:
space:
mode:
Diffstat (limited to 'cps-application/src')
-rw-r--r--cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java13
-rw-r--r--cps-application/src/main/resources/application.yml2
2 files changed, 6 insertions, 9 deletions
diff --git a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
index aedc6a8d66..9b726ba75d 100644
--- a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
+++ b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
@@ -39,9 +39,7 @@ import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
-
private static final String USER_ROLE = "USER";
-
private final String username;
private final String password;
private final String[] permitUris;
@@ -54,9 +52,9 @@ public class WebSecurityConfig {
* @param password password
*/
public WebSecurityConfig(
- @Autowired @Value("${security.permit-uri}") final String permitUris,
- @Autowired @Value("${security.auth.username}") final String username,
- @Autowired @Value("${security.auth.password}") final String password
+ @Autowired @Value("${permit-uri}") final String permitUris,
+ @Autowired @Value("${security.auth.username}") final String username,
+ @Autowired @Value("${security.auth.password}") final String password
) {
super();
this.permitUris = permitUris.isEmpty() ? new String[] {"/v3/api-docs"} : permitUris.split("\\s{0,9},\\s{0,9}");
@@ -80,12 +78,11 @@ public class WebSecurityConfig {
http
.httpBasic()
.and()
- .authorizeRequests()
- .antMatchers(permitUris).permitAll()
+ .authorizeHttpRequests()
+ .requestMatchers(permitUris).permitAll()
.anyRequest().authenticated()
.and()
.csrf().disable();
-
return http.build();
}
diff --git a/cps-application/src/main/resources/application.yml b/cps-application/src/main/resources/application.yml
index 58748271cc..016356801d 100644
--- a/cps-application/src/main/resources/application.yml
+++ b/cps-application/src/main/resources/application.yml
@@ -140,10 +140,10 @@ springdoc:
- name: cps-ncmp-inventory
url: /api-docs/cps-ncmp/openapi-inventory.yaml
+permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
security:
# comma-separated uri patterns which do not require authorization
- permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
auth:
username: ${CPS_USERNAME}
password: ${CPS_PASSWORD}