vfc adapter authentication bug fix

Change-Id: Idaa55084f5ecb0dd3636c232cebc14fa5f064414
Issue-ID: SO-1256
Signed-off-by: Yulian Han <elaine.hanyulian@huawei.com>

2 files changed, 53 insertions, 2 deletions

diff --git a/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/CXFConfiguration.java b/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/CXFConfiguration.java
index 031bc2edc5..ea1c3805d1 100644
--- a/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/CXFConfiguration.java
+++ b/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/CXFConfiguration.java
@@ -79,11 +79,11 @@ public class CXFConfiguration {
 	public Swagger2Feature createSwaggerFeature() {
 		Swagger2Feature swagger2Feature = new Swagger2Feature();
 		swagger2Feature.setPrettyPrint(true);
-		swagger2Feature.setTitle("SO Request Adapter");
+		swagger2Feature.setTitle("SO VFC Adapter");
 		swagger2Feature.setContact("The ONAP SO team");
 		swagger2Feature.setDescription("This project is the SO Orchestration Engine");
 		swagger2Feature.setVersion("1.0.0");
-		swagger2Feature.setResourcePackage("org.onap.so.adapters.requestdb");
+		swagger2Feature.setResourcePackage("org.onap.so.adapters.vfc.rest");
 		swagger2Feature.setScan(true);
 		return swagger2Feature;
 	}
diff --git a/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/WebSecurityConfigImpl.java b/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/WebSecurityConfigImpl.java
new file mode 100644
index 0000000000..37a5633d8d
--- /dev/null
+++ b/adapters/mso-vfc-adapter/src/main/java/org/onap/so/adapters/vfc/WebSecurityConfigImpl.java
@@ -0,0 +1,51 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP - SO
+ * ================================================================================
+ * Copyright (C) 2017 - 2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.so.adapters.vfc;
+
+import org.onap.so.security.MSOSpringFirewall;
+import org.onap.so.security.WebSecurityConfig;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
+import org.springframework.util.StringUtils;
+
+@EnableWebSecurity
+public class WebSecurityConfigImpl extends WebSecurityConfig {
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable()
+		.authorizeRequests()
+		.antMatchers("/manage/health","/manage/info","/services").permitAll()
+		.antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(),",").toString())
+		.and()
+		.httpBasic();
+	}
+	
+	@Override
+	public void configure(WebSecurity web) throws Exception {
+		super.configure(web);
+		StrictHttpFirewall firewall = new MSOSpringFirewall();
+		web.httpFirewall(firewall);
+	}
+
+}
\ No newline at end of file