diff options
author | waqas.ikram <waqas.ikram@est.tech> | 2020-02-07 16:10:14 +0000 |
---|---|---|
committer | Waqas Ikram <waqas.ikram@est.tech> | 2020-02-10 18:14:01 +0000 |
commit | 505b82d23d4340e67f619675bad4580fc3ae050a (patch) | |
tree | 3fe96d59a458026aaca2f0cf7dd0a4f475905d82 /adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter | |
parent | c1dacabbcf9f9f09a00458b44f5168f1273965ec (diff) |
Fix for SO-2598
Change-Id: If2086de6cb635f39a03927be35fed9c177919211
Issue-ID: SO-2598
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Making WebSecurityConfigurerAdapter configurable so that other
components can configure it per there requirement
Change-Id: I8f7674710ff41195946a710b86c7c8d7b52815f8
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Diffstat (limited to 'adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter')
-rw-r--r-- | adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java (renamed from adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java) | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java index a5404607b4..1e0a18a339 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java @@ -22,34 +22,41 @@ package org.onap.so.adapters.vnfmadapter; -import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter; +import org.onap.so.security.HttpSecurityConfigurer; import org.onap.so.security.SoUserCredentialConfiguration; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; /** * @author Waqas Ikram (waqas.ikram@est.tech) * @author Gareth Roper (gareth.roper@est.tech) * */ -@EnableWebSecurity -@Configuration -public class VnfmBasicWebSecurityConfigurerAdapter extends SoBasicWebSecurityConfigurerAdapter { +@Primary +@Component +public class VnfmBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Autowired + private SoUserCredentialConfiguration soUserCredentialConfiguration; @Value("${server.ssl.client-auth:none}") private String clientAuth; - SoUserCredentialConfiguration soUserCredentialConfiguration; @Override - protected void configure(final HttpSecurity http) throws Exception { + public void configure(final HttpSecurity http) throws Exception { if (("need").equalsIgnoreCase(clientAuth)) { http.csrf().disable().authorizeRequests().anyRequest().permitAll(); } else { - super.configure(http); - http.authorizeRequests().antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll(); + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll().antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) + .and().httpBasic(); + } } } |