summaryrefslogtreecommitdiffstats
path: root/cps-application
diff options
context:
space:
mode:
Diffstat (limited to 'cps-application')
-rwxr-xr-xcps-application/pom.xml16
-rw-r--r--cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java13
-rw-r--r--cps-application/src/main/resources/application.yml2
3 files changed, 20 insertions, 11 deletions
diff --git a/cps-application/pom.xml b/cps-application/pom.xml
index 0cf68ad87c..3b5069a1c4 100755
--- a/cps-application/pom.xml
+++ b/cps-application/pom.xml
@@ -70,8 +70,8 @@
<artifactId>micrometer-registry-prometheus</artifactId>
</dependency>
<dependency>
- <groupId>org.springframework.cloud</groupId>
- <artifactId>spring-cloud-starter-sleuth</artifactId>
+ <groupId>io.micrometer</groupId>
+ <artifactId>micrometer-tracing-bridge-brave</artifactId>
</dependency>
<!-- T E S T D E P E N D E N C I E S -->
<dependency>
@@ -118,6 +118,18 @@
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-server</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-http</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>jakarta.servlet</groupId>
+ <artifactId>jakarta.servlet-api</artifactId>
+ </dependency>
</dependencies>
<build>
diff --git a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
index aedc6a8d66..9b726ba75d 100644
--- a/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
+++ b/cps-application/src/main/java/org/onap/cps/config/WebSecurityConfig.java
@@ -39,9 +39,7 @@ import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
-
private static final String USER_ROLE = "USER";
-
private final String username;
private final String password;
private final String[] permitUris;
@@ -54,9 +52,9 @@ public class WebSecurityConfig {
* @param password password
*/
public WebSecurityConfig(
- @Autowired @Value("${security.permit-uri}") final String permitUris,
- @Autowired @Value("${security.auth.username}") final String username,
- @Autowired @Value("${security.auth.password}") final String password
+ @Autowired @Value("${permit-uri}") final String permitUris,
+ @Autowired @Value("${security.auth.username}") final String username,
+ @Autowired @Value("${security.auth.password}") final String password
) {
super();
this.permitUris = permitUris.isEmpty() ? new String[] {"/v3/api-docs"} : permitUris.split("\\s{0,9},\\s{0,9}");
@@ -80,12 +78,11 @@ public class WebSecurityConfig {
http
.httpBasic()
.and()
- .authorizeRequests()
- .antMatchers(permitUris).permitAll()
+ .authorizeHttpRequests()
+ .requestMatchers(permitUris).permitAll()
.anyRequest().authenticated()
.and()
.csrf().disable();
-
return http.build();
}
diff --git a/cps-application/src/main/resources/application.yml b/cps-application/src/main/resources/application.yml
index 58748271cc..016356801d 100644
--- a/cps-application/src/main/resources/application.yml
+++ b/cps-application/src/main/resources/application.yml
@@ -140,10 +140,10 @@ springdoc:
- name: cps-ncmp-inventory
url: /api-docs/cps-ncmp/openapi-inventory.yaml
+permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
security:
# comma-separated uri patterns which do not require authorization
- permit-uri: /manage/**,/swagger-ui.html,/swagger-ui/**,/swagger-resources/**,/api-docs/**
auth:
username: ${CPS_USERNAME}
password: ${CPS_PASSWORD}