summaryrefslogtreecommitdiffstats
path: root/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter
diff options
context:
space:
mode:
authorwaqas.ikram <waqas.ikram@est.tech>2020-02-07 16:10:14 +0000
committerWaqas Ikram <waqas.ikram@est.tech>2020-02-10 18:14:01 +0000
commit505b82d23d4340e67f619675bad4580fc3ae050a (patch)
tree3fe96d59a458026aaca2f0cf7dd0a4f475905d82 /adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter
parentc1dacabbcf9f9f09a00458b44f5168f1273965ec (diff)
Fix for SO-2598
Change-Id: If2086de6cb635f39a03927be35fed9c177919211 Issue-ID: SO-2598 Signed-off-by: waqas.ikram <waqas.ikram@est.tech> Making WebSecurityConfigurerAdapter configurable so that other components can configure it per there requirement Change-Id: I8f7674710ff41195946a710b86c7c8d7b52815f8 Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Diffstat (limited to 'adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter')
-rw-r--r--adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java (renamed from adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java)27
1 files changed, 17 insertions, 10 deletions
diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java
index a5404607b4..1e0a18a339 100644
--- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java
+++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java
@@ -22,34 +22,41 @@
package org.onap.so.adapters.vnfmadapter;
-import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter;
+import org.onap.so.security.HttpSecurityConfigurer;
import org.onap.so.security.SoUserCredentialConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
/**
* @author Waqas Ikram (waqas.ikram@est.tech)
* @author Gareth Roper (gareth.roper@est.tech)
*
*/
-@EnableWebSecurity
-@Configuration
-public class VnfmBasicWebSecurityConfigurerAdapter extends SoBasicWebSecurityConfigurerAdapter {
+@Primary
+@Component
+public class VnfmBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
+
+ @Autowired
+ private SoUserCredentialConfiguration soUserCredentialConfiguration;
@Value("${server.ssl.client-auth:none}")
private String clientAuth;
- SoUserCredentialConfiguration soUserCredentialConfiguration;
@Override
- protected void configure(final HttpSecurity http) throws Exception {
+ public void configure(final HttpSecurity http) throws Exception {
if (("need").equalsIgnoreCase(clientAuth)) {
http.csrf().disable().authorizeRequests().anyRequest().permitAll();
} else {
- super.configure(http);
- http.authorizeRequests().antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll();
+ http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+ .antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll().antMatchers("/**")
+ .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ","))
+ .and().httpBasic();
+
}
}
}