diff options
| author |   Dan Timoney <dtimoney@att.com> | 2021-04-15 09:58:19 -0400 |
|---|---|---|
| committer | Dan Timoney <dtimoney@att.com> | 2021-04-20 14:32:59 -0400 |
| commit | 5c4184f9312d00166dea77b5a16ae400c669f473 (patch) | |
| tree | b954e9ab612aa58bcee2aa364990934ebbc9ed9f /ms/generic-resource-api/src/main/java | |
| parent | d91aa64b55dbb561b103d40c7e8c16a3023b2717 (diff) | |
Update gra ms to use CadiFilter instead of shiro
Update code to use CadiFilter to integrate with AAF instead of
shiro plugin, which is no longer supported (also, shiro has known,
unresolved security vulnerabilities)
Change-Id: Icaa922ac833f0a44c310847740f6745624242a2b
Issue-ID: SDNC-1523
Signed-off-by: Dan Timoney <dtimoney@att.com>
Diffstat (limited to 'ms/generic-resource-api/src/main/java')
2 files changed, 36 insertions, 39 deletions
diff --git a/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java b/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java new file mode 100644 index 0000000..6b96541 --- /dev/null +++ b/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/FilterConfiguration.java @@ -0,0 +1,35 @@ +package org.onap.sdnc.apps.ms.gra;
+
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.ccsdk.apps.filters.ContentTypeFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+
+@Configuration
+public class FilterConfiguration {
+
+ private static final Logger log = LoggerFactory.getLogger(FilterConfiguration.class);
+
+ @Bean
+ @Order(1)
+ public FilterRegistrationBean<CadiFilter> cadiFilter() {
+ CadiFilter filter = new CadiFilter();
+
+ FilterRegistrationBean<CadiFilter> registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(filter);
+ if ("none".equals(System.getProperty("cadi_prop_files", "none"))) {
+ log.info("cadi_prop_files undefined, AAF CADI disabled");
+ registrationBean.addUrlPatterns("/xxxx/*");
+ } else {
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.addInitParameter("cadi_prop_files", System.getProperty("cadi_prop_files"));
+ }
+
+ return registrationBean;
+ }
+
+}
diff --git a/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/GenericResourceMsApp.java b/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/GenericResourceMsApp.java index a0e9595..d436d21 100644 --- a/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/GenericResourceMsApp.java +++ b/ms/generic-resource-api/src/main/java/org/onap/sdnc/apps/ms/gra/GenericResourceMsApp.java @@ -20,25 +20,19 @@ package org.onap.sdnc.apps.ms.gra; -import org.apache.shiro.realm.Realm; -import org.apache.shiro.realm.text.PropertiesRealm; -import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; -import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; -import org.onap.aaf.cadi.shiro.AAFRealm; import org.onap.ccsdk.apps.ms.sliboot.controllers.RestconfApiController; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.domain.EntityScan; -import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Import; import org.springframework.data.jpa.repository.config.EnableJpaRepositories; import org.springframework.transaction.annotation.EnableTransactionManagement; import springfox.documentation.swagger2.annotations.EnableSwagger2; -@SpringBootApplication(scanBasePackages = { "org.onap.sdnc.apps.ms.gra", "org.onap.ccsdk.apps.services", "org.onap.ccsdk.apps.filters" }) +@SpringBootApplication(scanBasePackages = { "org.onap.sdnc.apps.ms.gra", "org.onap.ccsdk.apps.services" }) @EnableJpaRepositories(basePackages = { "org.onap.sdnc.apps.ms.gra", "org.onap.ccsdk.apps.ms.sliboot" }) @EntityScan(basePackages = { "org.onap.sdnc.apps.ms.gra", "org.onap.ccsdk.apps.ms.sliboot" }) @EnableTransactionManagement @@ -52,36 +46,4 @@ public class GenericResourceMsApp { public static void main(String[] args) throws Exception { SpringApplication.run(GenericResourceMsApp.class, args); } - - @Bean - public Realm realm() { - - // If cadi prop files is not defined use local properties realm - // src/main/resources/shiro-users.properties - if ("none".equals(System.getProperty("cadi_prop_files", "none"))) { - log.info("cadi_prop_files undefined, AAF Realm will not be set"); - PropertiesRealm realm = new PropertiesRealm(); - return realm; - } else { - AAFRealm realm = new AAFRealm(); - return realm; - } - - } - - @Bean - public ShiroFilterChainDefinition shiroFilterChainDefinition() { - DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition(); - - // if cadi prop files is not set disable authentication - if ("none".equals(System.getProperty("cadi_prop_files", "none"))) { - chainDefinition.addPathDefinition("/**", "anon"); - } else { - log.info("Loaded property cadi_prop_files, AAF REALM set"); - chainDefinition.addPathDefinition("/**", "authcBasic, rest[org.onap.sdnc.odl:odl-api]"); - } - - return chainDefinition; - } - } |