diff options
Diffstat (limited to 'adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java')
-rw-r--r-- | adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java (renamed from adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java) | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java index a5404607b4..1e0a18a339 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java @@ -22,34 +22,41 @@ package org.onap.so.adapters.vnfmadapter; -import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter; +import org.onap.so.security.HttpSecurityConfigurer; import org.onap.so.security.SoUserCredentialConfiguration; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; /** * @author Waqas Ikram (waqas.ikram@est.tech) * @author Gareth Roper (gareth.roper@est.tech) * */ -@EnableWebSecurity -@Configuration -public class VnfmBasicWebSecurityConfigurerAdapter extends SoBasicWebSecurityConfigurerAdapter { +@Primary +@Component +public class VnfmBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Autowired + private SoUserCredentialConfiguration soUserCredentialConfiguration; @Value("${server.ssl.client-auth:none}") private String clientAuth; - SoUserCredentialConfiguration soUserCredentialConfiguration; @Override - protected void configure(final HttpSecurity http) throws Exception { + public void configure(final HttpSecurity http) throws Exception { if (("need").equalsIgnoreCase(clientAuth)) { http.csrf().disable().authorizeRequests().anyRequest().permitAll(); } else { - super.configure(http); - http.authorizeRequests().antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll(); + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll().antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) + .and().httpBasic(); + } } } |