diff options
Diffstat (limited to 'main/src')
4 files changed, 28 insertions, 14 deletions
diff --git a/main/src/main/java/org/onap/policy/api/main/config/SecurityConfig.java b/main/src/main/java/org/onap/policy/api/main/config/SecurityConfig.java index 367f92af..231456d3 100644 --- a/main/src/main/java/org/onap/policy/api/main/config/SecurityConfig.java +++ b/main/src/main/java/org/onap/policy/api/main/config/SecurityConfig.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2022 Bell Canada. All rights reserved. + * Modifications Copyright (C) 2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,17 +21,30 @@ package org.onap.policy.api.main.config; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; +/** + * Configure how access to this module's REST end points is secured. + */ @Configuration -public class SecurityConfig extends WebSecurityConfigurerAdapter { - - @Override - public void configure(HttpSecurity http) throws Exception { - http.httpBasic().and() // use Basic authentication - .authorizeRequests().anyRequest().authenticated() // allow authenticated access to all rest endpoints - .and().csrf().disable(); // CSRF filter is relevant when serving browser clients, hence disable +public class SecurityConfig { + /** + * Return the configuration of how access to this module's REST end points is secured. + * + * @param http the HTTP security settings + * @return the HTTP security settings + */ + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .httpBasic() + .and() + .authorizeHttpRequests().anyRequest().authenticated() + .and() + .csrf().disable(); + return http.build(); } }
\ No newline at end of file diff --git a/main/src/test/java/org/onap/policy/api/main/rest/TestApiRestServer.java b/main/src/test/java/org/onap/policy/api/main/rest/TestApiRestServer.java index 412c28d1..a1d67dcd 100644 --- a/main/src/test/java/org/onap/policy/api/main/rest/TestApiRestServer.java +++ b/main/src/test/java/org/onap/policy/api/main/rest/TestApiRestServer.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2018 Samsung Electronics Co., Ltd. All rights reserved. * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2019-2020,2022 Nordix Foundation. + * Modifications Copyright (C) 2019-2020,2022-2023 Nordix Foundation. * Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -53,7 +53,7 @@ import org.onap.policy.models.errors.concepts.ErrorResponse; import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ActiveProfiles; @@ -736,4 +736,4 @@ public class TestApiRestServer extends CommonTestRestController { assertEquals(code, report.getCode()); assertEquals(message, report.getMessage()); } -}
\ No newline at end of file +} diff --git a/main/src/test/java/org/onap/policy/api/main/rest/TestNodeTemplateController.java b/main/src/test/java/org/onap/policy/api/main/rest/TestNodeTemplateController.java index fb7a152a..c36fea17 100644 --- a/main/src/test/java/org/onap/policy/api/main/rest/TestNodeTemplateController.java +++ b/main/src/test/java/org/onap/policy/api/main/rest/TestNodeTemplateController.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP Policy API * ================================================================================ - * Copyright (C) 2022 Nordix Foundation. All rights reserved. + * Copyright (C) 2022-2023 Nordix Foundation. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,7 +44,7 @@ import org.onap.policy.models.tosca.authorative.concepts.ToscaNodeTemplate; import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ActiveProfiles; import org.springframework.test.context.DynamicPropertyRegistry; diff --git a/main/src/test/java/org/onap/policy/api/main/rest/stub/ApisRestControllerStubTest.java b/main/src/test/java/org/onap/policy/api/main/rest/stub/ApisRestControllerStubTest.java index 6608f9b7..b93aeed5 100644 --- a/main/src/test/java/org/onap/policy/api/main/rest/stub/ApisRestControllerStubTest.java +++ b/main/src/test/java/org/onap/policy/api/main/rest/stub/ApisRestControllerStubTest.java @@ -32,7 +32,7 @@ import org.onap.policy.api.main.PolicyApiApplication; import org.onap.policy.api.main.rest.utils.CommonTestRestController; import org.onap.policy.common.utils.security.SelfSignedKeyStore; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.annotation.DirtiesContext.ClassMode; import org.springframework.test.context.ActiveProfiles; |