diff options
author | k.kazak <k.kazak@samsung.com> | 2019-07-19 14:59:18 +0200 |
---|---|---|
committer | k.kazak <k.kazak@samsung.com> | 2019-07-19 14:59:18 +0200 |
commit | 3cc4c5bf37b4ae20a9809c329ad8aa1889aadbdd (patch) | |
tree | 13002e447edd4e302e1fe7ed10955b2f66eb9874 /so-monitoring/so-monitoring-service/src/main | |
parent | f765cc2ab30384f05af70c4011102389c9462e70 (diff) |
basic auth for so-monitoring
Add basic auth for so-monitoring app
Issue submitted in pentest report
Change-Id: I8e826da9b9f66e893826fd9b40b3b26623b2ab8d
Issue-ID: OJSI-169
Signed-off-by: k.kazak <k.kazak@samsung.com>
Diffstat (limited to 'so-monitoring/so-monitoring-service/src/main')
4 files changed, 86 insertions, 4 deletions
diff --git a/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/UserController.java b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/UserController.java new file mode 100644 index 0000000000..3959631f94 --- /dev/null +++ b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/UserController.java @@ -0,0 +1,35 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Samsung + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.monitoring.rest.api; + +import java.security.Principal; +import org.springframework.web.bind.annotation.CrossOrigin; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class UserController { + + @RequestMapping("/user") + public Principal user(Principal user) { + return user; + } +} diff --git a/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebApplicationConfig.java b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebApplicationConfig.java index cadd60b0d9..2b53ed8953 100644 --- a/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebApplicationConfig.java +++ b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebApplicationConfig.java @@ -2,7 +2,9 @@ * ============LICENSE_START======================================================= * Copyright (C) 2018 Ericsson. All rights reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); + * Modifications Copyright (c) 2019 Samsung + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * @@ -21,16 +23,15 @@ package org.onap.so.monitoring.rest.api; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; /** * @author waqas.ikram@ericsson.com */ @Configuration -public class WebApplicationConfig extends WebMvcConfigurerAdapter { +public class WebApplicationConfig implements WebMvcConfigurer { @Override public void addViewControllers(final ViewControllerRegistry registry) { - super.addViewControllers(registry); registry.addViewController("/details/**").setViewName("forward:/"); } } diff --git a/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebSecurityConfigImpl.java b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebSecurityConfigImpl.java new file mode 100644 index 0000000000..298f52bd35 --- /dev/null +++ b/so-monitoring/so-monitoring-service/src/main/java/org/onap/so/monitoring/rest/api/WebSecurityConfigImpl.java @@ -0,0 +1,39 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Samsung + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.monitoring.rest.api; + +import org.onap.so.security.WebSecurityConfig; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; + +@EnableWebSecurity +@Configuration("att-security-config") +@Order(2) +public class WebSecurityConfigImpl extends WebSecurityConfig { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests().antMatchers("/actuator", "/actuator/*", "/login", "/", "/index.html", "/*.js", + "/*.js.map", "/favicon.png").permitAll().anyRequest().authenticated().and().httpBasic(); + } +} diff --git a/so-monitoring/so-monitoring-service/src/main/resources/application.yaml b/so-monitoring/so-monitoring-service/src/main/resources/application.yaml index 8235c7480a..347845e422 100644 --- a/so-monitoring/so-monitoring-service/src/main/resources/application.yaml +++ b/so-monitoring/so-monitoring-service/src/main/resources/application.yaml @@ -16,3 +16,10 @@ mso: url: http://so-request-db-adapter.onap:8083/infraActiveRequests/ auth: Basic YnBlbDpwYXNzd29yZDEk +spring: + security: + usercredentials: + - + username: gui + password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke' + role: GUI-Client |