From 0627eb6d8ef545725c7828a0e11a85788495982a Mon Sep 17 00:00:00 2001 From: "Determe, Sebastien (sd378r)" Date: Tue, 29 Aug 2017 03:54:36 -0700 Subject: Rename the CldsSecurityConfig This was unclear that this class was related to the Clds Users, so it has to be renamed Change-Id: Ia93bc24d4940a017274e55d06075f60954c75cc3 Issue-Id: CLAMP-43 Signed-off-by: Determe, Sebastien (sd378r) --- .../onap/clamp/clds/config/CldsSecurityConfig.java | 86 ---------------- .../clamp/clds/config/CldsSecurityConfigUsers.java | 111 +++++++++++++++++++++ 2 files changed, 111 insertions(+), 86 deletions(-) delete mode 100644 src/main/java/org/onap/clamp/clds/config/CldsSecurityConfig.java create mode 100644 src/main/java/org/onap/clamp/clds/config/CldsSecurityConfigUsers.java (limited to 'src/main/java/org') diff --git a/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfig.java b/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfig.java deleted file mode 100644 index 7e6021c2b..000000000 --- a/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfig.java +++ /dev/null @@ -1,86 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP CLAMP - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * ECOMP is a trademark and service mark of AT&T Intellectual Property. - */ - -package org.onap.clamp.clds.config; - -import org.onap.clamp.clds.service.CldsUser; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.ApplicationContext; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; - -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - -@Configuration -@EnableWebSecurity -@Profile("clamp-spring-authentication") -public class CldsSecurityConfig extends WebSecurityConfigurerAdapter { - - protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CldsSecurityConfig.class); - protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - - @Autowired - private ApplicationContext appContext; - - @Value("${org.onap.clamp.config.files.cldsUsers:'classpath:etc/config/clds/clds-users.json'}") - private String cldsUsersFile; - - @Value("${CLDS_PERMISSION_TYPE_CL:permission-type-cl}") - private String cldsPersmissionTypeCl; - - @Value("${CLDS_PERMISSION_INSTANCE:dev}") - private String cldsPermissionInstance; - - @Override - protected void configure(HttpSecurity http) throws Exception { - http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**") - .authenticated().anyRequest().permitAll().and().logout(); - } - - @Autowired - public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { - CldsUser[] usersList = loadUsers(); - - // no users defined - if (null == usersList) { - logger.warn("No users defined. Users should be defined under " + cldsUsersFile); - return; - } - - for (CldsUser user : usersList) { - auth.inMemoryAuthentication().withUser(user.getUser()).password(user.getPassword()) - .roles(user.getPermissionsString()); - } - } - - private CldsUser[] loadUsers() throws Exception { - logger.info("Load from clds-users.properties"); - return CldsUserJsonDecoder.decodeJson(appContext.getResource(cldsUsersFile).getInputStream()); - } -} diff --git a/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfigUsers.java b/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfigUsers.java new file mode 100644 index 000000000..a187ac556 --- /dev/null +++ b/src/main/java/org/onap/clamp/clds/config/CldsSecurityConfigUsers.java @@ -0,0 +1,111 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP CLAMP + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights + * reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END============================================ + * =================================================================== + * ECOMP is a trademark and service mark of AT&T Intellectual Property. + */ + +package org.onap.clamp.clds.config; + +import org.onap.clamp.clds.service.CldsUser; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.ApplicationContext; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + +/** + * This class is used to enable the HTTP authentication to login. It requires a + * specific JSON file containing the user definition + * (classpath:etc/config/clds/clds-users.json). + * + */ +@Configuration +@EnableWebSecurity +@Profile("clamp-spring-authentication") +public class CldsSecurityConfigUsers extends WebSecurityConfigurerAdapter { + + protected static final EELFLogger logger = EELFManager.getInstance() + .getLogger(CldsSecurityConfigUsers.class); + protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); + + @Autowired + private ApplicationContext appContext; + + @Value("${org.onap.clamp.config.files.cldsUsers:'classpath:etc/config/clds/clds-users.json'}") + private String cldsUsersFile; + + @Value("${CLDS_PERMISSION_TYPE_CL:permission-type-cl}") + private String cldsPersmissionTypeCl; + + @Value("${CLDS_PERMISSION_INSTANCE:dev}") + private String cldsPermissionInstance; + + /** + * This method configures on which URL the authorization will be enabled. + */ + @Override + protected void configure(HttpSecurity http) throws Exception { + http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**") + .authenticated().anyRequest().permitAll().and().logout(); + } + + /** + * This method is called by the framework and is used to load all the users + * defined in cldsUsersFile variable (this file path can be configured in + * the application.properties). + * + * @param auth + * @throws Exception + */ + @Autowired + public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { + CldsUser[] usersList = loadUsers(); + + // no users defined + if (null == usersList) { + logger.warn("No users defined. Users should be defined under " + cldsUsersFile); + return; + } + + for (CldsUser user : usersList) { + auth.inMemoryAuthentication().withUser(user.getUser()).password(user.getPassword()) + .roles(user.getPermissionsString()); + } + } + + /** + * This method loads physically the JSON file and convert it to an Array of + * CldsUser. + * + * @return The array of CldsUser + * @throws Exception + */ + private CldsUser[] loadUsers() throws Exception { + logger.info("Load from clds-users.properties"); + return CldsUserJsonDecoder.decodeJson(appContext.getResource(cldsUsersFile).getInputStream()); + } +} -- cgit 1.2.3-korg