diff options
author | liamfallon <liam.fallon@est.tech> | 2023-01-31 12:35:17 +0000 |
---|---|---|
committer | liamfallon <liam.fallon@est.tech> | 2023-02-01 14:25:30 +0000 |
commit | 203a14a0c5397096f4b6918cd587248ea275e245 (patch) | |
tree | 38c0b2e0027cce7bb2af522a0d507a9d87e16178 /runtime-acm/src/main | |
parent | ec24e733cdcdeec9d9d02cc71aa104d891a7f5d0 (diff) |
Upgrade and clean up dependencies
- Upgrade Hibernate
- Upgrade Mockito
- Upgrade Mockserver
- Remove Powermock (no longer supported) and replace with spring-test ReflectionTestUtils
- Upgrade Spring Framework
- Add spring-security to allow authentication on unit tests using MockMVC
Minor clean-up
- Replace deprecated authorization configuraiton on spring boot applications with SecurityFilterChain bean
- Change @LocalPort include on tests to use test include rather than runtime include
- Remove unused imports
- Remove unused constants and variables
- Add deprecation annotations where required
Issue-ID: POLICY-4482
Change-Id: I7356d60696330e868d4f67195ba55b80987f85b9
Signed-off-by: liamfallon <liam.fallon@est.tech>
Diffstat (limited to 'runtime-acm/src/main')
-rw-r--r-- | runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java index ade7c56b3..d38771d78 100644 --- a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java +++ b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java @@ -1,6 +1,6 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2021 Nordix Foundation. + * Copyright (C) 2021,2023 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,28 +20,30 @@ package org.onap.policy.clamp.acm.runtime.config; -import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.SecurityFilterChain; +/** + * Configure how access to this module's REST end points is secured. + */ @Configuration -public class SecurityConfig extends WebSecurityConfigurerAdapter { - - @Value("${security.enable-csrf:true}") - private boolean csrfEnabled = true; - - @Override - protected void configure(HttpSecurity http) throws Exception { - // @formatter:off - http.authorizeRequests() - .antMatchers().authenticated() - .anyRequest().authenticated() - .and().httpBasic(); - // @formatter:on - - if (!csrfEnabled) { - http.csrf().disable(); - } +public class SecurityConfig { + /** + * Return the configuration of how access to this module's REST end points is secured. + * + * @param http the HTTP security settings + * @return the HTTP security settings + */ + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .httpBasic() + .and() + .authorizeHttpRequests().anyRequest().authenticated() + .and() + .csrf().disable(); + return http.build(); } } |