summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiotr Borelowski <p.borelowski@partner.samsung.com>2020-02-05 19:01:45 +0100
committerPiotr Borelowski <p.borelowski@partner.samsung.com>2020-02-07 08:14:26 +0000
commit2110c52f8c84cd9330da668a43e00e34f645f867 (patch)
tree7b2e7c4ef8942b737dc9d090146ab8fe91520f42
parente3871f1bd6e8d8c8baa093d1307b029527603302 (diff)
Changed Basic Authorization in receiving Notification
Ve-Vnfm (SOL002) Adapter project Issue-ID: SO-2574 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Change-Id: I95dfebd0e024af91b9bac4d8a4bb97d271badc70
-rw-r--r--adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/Application.java6
-rw-r--r--adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java58
-rw-r--r--adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java12
-rw-r--r--adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml8
-rw-r--r--common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java12
5 files changed, 26 insertions, 70 deletions
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/Application.java b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/Application.java
index e4a6bed300..875fddd7f0 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/Application.java
+++ b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/Application.java
@@ -26,7 +26,11 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication(scanBasePackages = {"org.onap.so"})
public class Application {
+ public static final String BASIC_PROFILE = "basic";
+
public static void main(final String... args) {
- SpringApplication.run(Application.class, args);
+ final SpringApplication springApplication = new SpringApplication(Application.class);
+ springApplication.setAdditionalProfiles(BASIC_PROFILE);
+ springApplication.run(args);
}
}
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java
deleted file mode 100644
index cc56048262..0000000000
--- a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * SO
- * ================================================================================
- * Copyright (C) 2020 Samsung. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.so.adapters.vevnfm.configuration;
-
-import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-@Configuration
-@EnableWebSecurity
-public class SecurityConfiguration extends SoBasicWebSecurityConfigurerAdapter {
-
- @Value("${notification.url}")
- private String notificationUrl;
-
- @Value("${notification.username}")
- private String notificationUsername;
-
- @Value("${notification.password}")
- private String notificationPassword;
-
- @Autowired
- private PasswordEncoder passwordEncoder;
-
- @Override
- protected void configure(final HttpSecurity https) throws Exception {
- https.csrf().disable().authorizeRequests().antMatchers(notificationUrl).authenticated().and().httpBasic();
- }
-
- @Override
- protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication().withUser(notificationUsername)
- .password(passwordEncoder.encode(notificationPassword)).authorities("ROLE_USER");
- }
-}
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
index aa07ed65a2..c1a56fb452 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
+++ b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
@@ -43,11 +43,11 @@ public class SubscriberService {
@Value("${notification.url}")
private String notificationUrl;
- @Value("${notification.username}")
- private String notificationUsername;
+ @Value("${spring.security.usercredentials[0].username}")
+ private String username;
- @Value("${notification.password}")
- private String notificationPassword;
+ @Value("${spring.security.usercredentials[0].openpass}")
+ private String openpass;
@Autowired
private SubscribeSender sender;
@@ -62,8 +62,8 @@ public class SubscriberService {
request.callbackUri(getCallbackUri());
final SubscriptionsAuthenticationParamsBasic paramsBasic = new SubscriptionsAuthenticationParamsBasic();
final SubscriptionsAuthentication authentication = new SubscriptionsAuthentication();
- paramsBasic.setUserName(notificationUsername);
- paramsBasic.setPassword(notificationPassword);
+ paramsBasic.setUserName(username);
+ paramsBasic.setPassword(openpass);
authentication.setAuthType(Collections.singletonList(SubscriptionsAuthentication.AuthTypeEnum.BASIC));
authentication.setParamsBasic(paramsBasic);
request.authentication(authentication);
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml b/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
index b16fa6348f..f3ad9615ec 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
+++ b/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
@@ -22,8 +22,6 @@ system:
notification:
url: /lcm/v1/vnf/instances/notifications
- username: admin
- password: a4b3c2d1
mso:
key: 07a7159d3bf51a0e53be7a8f89699be7
@@ -36,6 +34,12 @@ vnfm:
subscription: /vnflcm/v1/subscriptions
spring:
+ security:
+ usercredentials:
+ - username: admin
+ openpass: a4b3c2d1
+ password: '$2a$10$vU.mWyNTsikAxXIA5c269ewCpAbYTiyMS0m1N.kn4F2CSGEnrKN7K'
+ role: USER
http:
converters:
preferred-json-mapper: gson
diff --git a/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java
index c778dde9af..21176e0d5d 100644
--- a/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java
+++ b/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java
@@ -28,6 +28,8 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.firewall.StrictHttpFirewall;
import org.springframework.util.StringUtils;
@@ -44,6 +46,12 @@ public class SoBasicWebSecurityConfigurerAdapter extends WebSecurityConfigurerAd
@Autowired
private SoUserCredentialConfiguration soUserCredentialConfiguration;
+ @Autowired
+ private UserDetailsService userDetailsService;
+
+ @Autowired
+ private BCryptPasswordEncoder passwordEncoder;
+
@Override
protected void configure(final HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
@@ -61,8 +69,6 @@ public class SoBasicWebSecurityConfigurerAdapter extends WebSecurityConfigurerAd
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(soUserCredentialConfiguration.userDetailsService())
- .passwordEncoder(soUserCredentialConfiguration.passwordEncoder());
+ auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
}
-
}