aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java')
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java31
1 files changed, 30 insertions, 1 deletions
diff --git a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
index f756b47d..c9e0af41 100644
--- a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
+++ b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
@@ -21,13 +21,24 @@
package org.onap.dcae.common.configuration;
+import org.onap.dcae.ApplicationException;
import org.onap.dcae.ApplicationSettings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.server.Ssl.ClientAuth;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-public class CertBasicAuth implements AuthMethod{
+@Configuration
+@Order(1)
+@EnableWebSecurity
+public class CertBasicAuth extends WebSecurityConfigurerAdapter implements AuthMethod{
private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
private final ConfigurableServletWebServerFactory container;
@@ -39,6 +50,24 @@ public class CertBasicAuth implements AuthMethod{
}
@Override
+ public void configure(WebSecurity web) {
+ web.ignoring().anyRequest();
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) {
+ try {
+ http.authorizeRequests()
+ .anyRequest().authenticated().and()
+ .addFilterBefore(new CustomFilter(properties), FilterSecurityInterceptor.class);
+
+ } catch (Exception ex) {
+ log.error("Cannot authorize request cause: ",ex);
+ throw new ApplicationException(ex);
+ }
+ }
+
+ @Override
public void configure() {
SslContextCreator sslContextCreator = new SslContextCreator(properties);
container.setPort(properties.httpsPort());