diff options
author | waqas.ikram <waqas.ikram@est.tech> | 2020-02-07 16:10:14 +0000 |
---|---|---|
committer | Waqas Ikram <waqas.ikram@est.tech> | 2020-02-10 18:14:01 +0000 |
commit | 505b82d23d4340e67f619675bad4580fc3ae050a (patch) | |
tree | 3fe96d59a458026aaca2f0cf7dd0a4f475905d82 /common | |
parent | c1dacabbcf9f9f09a00458b44f5168f1273965ec (diff) |
Fix for SO-2598
Change-Id: If2086de6cb635f39a03927be35fed9c177919211
Issue-ID: SO-2598
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Making WebSecurityConfigurerAdapter configurable so that other
components can configure it per there requirement
Change-Id: I8f7674710ff41195946a710b86c7c8d7b52815f8
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Diffstat (limited to 'common')
-rw-r--r-- | common/src/main/java/org/onap/so/security/HttpSecurityConfigurer.java | 32 | ||||
-rw-r--r-- | common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java | 45 | ||||
-rw-r--r-- | common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java (renamed from common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java) | 19 |
3 files changed, 87 insertions, 9 deletions
diff --git a/common/src/main/java/org/onap/so/security/HttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/HttpSecurityConfigurer.java new file mode 100644 index 0000000000..ffd5931c92 --- /dev/null +++ b/common/src/main/java/org/onap/so/security/HttpSecurityConfigurer.java @@ -0,0 +1,32 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.security; + +import org.springframework.security.config.annotation.web.builders.HttpSecurity; + +/** + * @author Waqas Ikram (waqas.ikram@est.tech) + * + */ +public interface HttpSecurityConfigurer { + + void configure(final HttpSecurity http) throws Exception; + +} diff --git a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java new file mode 100644 index 0000000000..9aceb03519 --- /dev/null +++ b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java @@ -0,0 +1,45 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.security; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; + +/** + * @author Waqas Ikram (waqas.ikram@est.tech) + * + */ +@Component +public class SoBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Autowired + private SoUserCredentialConfiguration soUserCredentialConfiguration; + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) + .and().httpBasic(); + } + +} diff --git a/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java index 21176e0d5d..903d586ab1 100644 --- a/common/src/main/java/org/onap/so/security/SoBasicWebSecurityConfigurerAdapter.java +++ b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java @@ -1,6 +1,6 @@ /*- * ============LICENSE_START======================================================= - * Copyright (C) 2020 Nordix Foundation. + * Copyright (C) 2020 Ericsson. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,6 +19,8 @@ */ package org.onap.so.security; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; @@ -31,7 +33,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.firewall.StrictHttpFirewall; -import org.springframework.util.StringUtils; /** * @author Waqas Ikram (waqas.ikram@est.tech) @@ -40,11 +41,12 @@ import org.springframework.util.StringUtils; @EnableWebSecurity @Configuration @Order(1) -@Profile({"basic"}) -public class SoBasicWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { +@Profile({"basic", "test"}) +public class SoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { + private static final Logger LOGGER = LoggerFactory.getLogger(SoWebSecurityConfigurerAdapter.class); @Autowired - private SoUserCredentialConfiguration soUserCredentialConfiguration; + private HttpSecurityConfigurer httpSecurityConfigurer; @Autowired private UserDetailsService userDetailsService; @@ -54,10 +56,9 @@ public class SoBasicWebSecurityConfigurerAdapter extends WebSecurityConfigurerAd @Override protected void configure(final HttpSecurity http) throws Exception { - http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() - .antMatchers("/**") - .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) - .and().httpBasic(); + LOGGER.debug("Injecting {} configuration ...", httpSecurityConfigurer.getClass()); + + httpSecurityConfigurer.configure(http); } @Override |