Added AAF Integration related changes

Created two profiles for the application
to run. Basic profile will allow the
application to run in the current
spring security authentication. AAF profile
will authenticate and authorize requests with
AAF. if no profile is given, it will fallback
to basic.

Change-Id: I2576f02e7afca3c10e02aaffef66a60fa1c4dd1a
Issue-ID: SO-2451
Signed-off-by: Ramesh Parthasarathy(rp6768)<ramesh.parthasarathy@att.com>

1 files changed, 31 insertions, 13 deletions

diff --git a/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/WebSecurityConfigImpl.java b/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/WebSecurityConfigImpl.java
index 1ed3214214..58e58464e1 100644
--- a/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/WebSecurityConfigImpl.java
+++ b/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/WebSecurityConfigImpl.java
@@ -24,28 +24,46 @@ package org.onap.so.bpmn.infrastructure;
 
 import org.onap.so.security.MSOSpringFirewall;
 import org.onap.so.security.WebSecurityConfig;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.util.StringUtils;
 
+@Configuration
 @EnableWebSecurity
 public class WebSecurityConfigImpl extends WebSecurityConfig {
 
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
-                .antMatchers("/async/services/**", "/workflow/services/*", "/SDNCAdapterCallbackService",
-                        "/WorkflowMessage", "/vnfAdapterNotify", "/vnfAdapterRestNotify")
-                .hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and().httpBasic();
-    }
+    @Bean
+    @Profile("test")
+    public WebSecurityConfigurerAdapter basicAuth() {
+        return new WebSecurityConfigurerAdapter() {
+            @Override
+            protected void configure(HttpSecurity http) throws Exception {
+                http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+                        .antMatchers("/async/services/**", "/workflow/services/*", "/SDNCAdapterCallbackService",
+                                "/WorkflowMessage", "/vnfAdapterNotify", "/vnfAdapterRestNotify")
+                        .hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and().httpBasic();
+            }
 
-    @Override
-    public void configure(WebSecurity web) throws Exception {
-        super.configure(web);
-        StrictHttpFirewall firewall = new MSOSpringFirewall();
-        web.httpFirewall(firewall);
-    }
+            @Override
+            public void configure(WebSecurity web) throws Exception {
+                super.configure(web);
+                StrictHttpFirewall firewall = new MSOSpringFirewall();
+                web.httpFirewall(firewall);
+            }
 
+            @Override
+            protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+                auth.userDetailsService(WebSecurityConfigImpl.this.userDetailsService())
+                        .passwordEncoder(WebSecurityConfigImpl.this.passwordEncoder());
+            }
+
+        };
+    }
 }