summaryrefslogtreecommitdiffstats
path: root/participant/participant-impl/participant-impl-policy
diff options
context:
space:
mode:
Diffstat (limited to 'participant/participant-impl/participant-impl-policy')
-rw-r--r--participant/participant-impl/participant-impl-policy/src/main/java/org/onap/policy/clamp/acm/participant/policy/config/SecurityConfig.java42
-rw-r--r--participant/participant-impl/participant-impl-policy/src/test/java/org/onap/policy/clamp/acm/participant/policy/main/rest/ActuatorControllerTest.java4
2 files changed, 24 insertions, 22 deletions
diff --git a/participant/participant-impl/participant-impl-policy/src/main/java/org/onap/policy/clamp/acm/participant/policy/config/SecurityConfig.java b/participant/participant-impl/participant-impl-policy/src/main/java/org/onap/policy/clamp/acm/participant/policy/config/SecurityConfig.java
index d7ce925e2..e2f91134e 100644
--- a/participant/participant-impl/participant-impl-policy/src/main/java/org/onap/policy/clamp/acm/participant/policy/config/SecurityConfig.java
+++ b/participant/participant-impl/participant-impl-policy/src/main/java/org/onap/policy/clamp/acm/participant/policy/config/SecurityConfig.java
@@ -1,6 +1,6 @@
/*-
* ========================LICENSE_START=================================
- * Copyright (C) 2021 Nordix Foundation. All rights reserved.
+ * Copyright (C) 2021,2023 Nordix Foundation.
* ======================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -18,28 +18,30 @@
package org.onap.policy.clamp.acm.participant.policy.config;
-import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
+/**
+ * Configure how access to this module's REST end points is secured.
+ */
@Configuration
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
- @Value("${security.enable-csrf:true}")
- private boolean csrfEnabled = true;
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- // @formatter:off
- http.authorizeRequests()
- .antMatchers().authenticated()
- .anyRequest().authenticated()
- .and().httpBasic();
- // @formatter:on
-
- if (!csrfEnabled) {
- http.csrf().disable();
- }
+public class SecurityConfig {
+ /**
+ * Return the configuration of how access to this module's REST end points is secured.
+ *
+ * @param http the HTTP security settings
+ * @return the HTTP security settings
+ */
+ @Bean
+ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http
+ .httpBasic()
+ .and()
+ .authorizeHttpRequests().anyRequest().authenticated()
+ .and()
+ .csrf().disable();
+ return http.build();
}
}
diff --git a/participant/participant-impl/participant-impl-policy/src/test/java/org/onap/policy/clamp/acm/participant/policy/main/rest/ActuatorControllerTest.java b/participant/participant-impl/participant-impl-policy/src/test/java/org/onap/policy/clamp/acm/participant/policy/main/rest/ActuatorControllerTest.java
index c74480fba..4faab95cc 100644
--- a/participant/participant-impl/participant-impl-policy/src/test/java/org/onap/policy/clamp/acm/participant/policy/main/rest/ActuatorControllerTest.java
+++ b/participant/participant-impl/participant-impl-policy/src/test/java/org/onap/policy/clamp/acm/participant/policy/main/rest/ActuatorControllerTest.java
@@ -1,6 +1,6 @@
/*-
* ============LICENSE_START=======================================================
- * Copyright (C) 2021-2022 Nordix Foundation.
+ * Copyright (C) 2021-2023 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -31,7 +31,7 @@ import org.onap.policy.clamp.acm.participant.policy.main.utils.CommonActuatorCon
import org.springframework.boot.test.autoconfigure.actuate.metrics.AutoConfigureMetrics;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.boot.test.web.server.LocalServerPort;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit.jupiter.SpringExtension;