diff options
author | saul.gill <saul.gill@est.tech> | 2024-06-13 13:50:19 +0100 |
---|---|---|
committer | saul.gill <saul.gill@est.tech> | 2024-06-13 13:50:26 +0100 |
commit | b52e095b34ee7c576f7ee83df05e2a09366a8c8a (patch) | |
tree | ddd70fa1b4a0fc4f3b675a5b07f87d94bc977a1c /runtime-acm/src/main | |
parent | 5d48bd15e1d799ba4419a8b6d960a089335b9852 (diff) |
Make basic auth configurable in acm
Allow user to switch on/off basicAuth from application.yaml
Issue-ID: POLICY-5044
Change-Id: I96a91152667efc5e26196239bc0808913a5ee06c
Signed-off-by: saul.gill <saul.gill@est.tech>
Diffstat (limited to 'runtime-acm/src/main')
-rw-r--r-- | runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java | 13 | ||||
-rw-r--r-- | runtime-acm/src/main/resources/application.yaml | 4 |
2 files changed, 6 insertions, 11 deletions
diff --git a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java index e32eacb37..2e75db12e 100644 --- a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java +++ b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java @@ -1,6 +1,6 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2021,2023 Nordix Foundation. + * Copyright (C) 2021,2023-2024 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -34,8 +34,8 @@ import org.springframework.security.web.SecurityFilterChain; @Configuration public class SecurityConfig { - @Value("${metrics.security.disabled}") - private boolean disableMetricsSecurity; + @Value("${basicAuth:true}") + private boolean useBasicAuth; /** * Return the configuration of how access to this module's REST end points is secured. @@ -48,11 +48,10 @@ public class SecurityConfig { http .httpBasic(Customizer.withDefaults()) .authorizeHttpRequests(authorize -> { - if (disableMetricsSecurity) { - authorize.requestMatchers("/prometheus").permitAll() - .anyRequest().authenticated(); - } else { + if (useBasicAuth) { authorize.anyRequest().authenticated(); + } else { + authorize.anyRequest().permitAll(); } }) .csrf(AbstractHttpConfigurer::disable); diff --git a/runtime-acm/src/main/resources/application.yaml b/runtime-acm/src/main/resources/application.yaml index 58e590b14..0e2585dba 100644 --- a/runtime-acm/src/main/resources/application.yaml +++ b/runtime-acm/src/main/resources/application.yaml @@ -28,10 +28,6 @@ spring: hibernate: format_sql: true -metrics: - security: - disabled: false - server: port: 6969 servlet: |