aboutsummaryrefslogtreecommitdiffstats
path: root/bpmn
diff options
context:
space:
mode:
Diffstat (limited to 'bpmn')
-rw-r--r--bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java12
-rw-r--r--bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java40
-rw-r--r--bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java50
-rw-r--r--bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml75
4 files changed, 114 insertions, 63 deletions
diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java
index 6c75bdb58f..4659d77b62 100644
--- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java
+++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java
@@ -42,9 +42,12 @@ import org.onap.so.logging.cxf.interceptor.SOAPLoggingInInterceptor;
import org.onap.so.logging.cxf.interceptor.SOAPLoggingOutInterceptor;
import org.onap.so.logging.jaxrs.filter.SOAuditLogContainerFilter;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.DispatcherServlet;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
@@ -66,7 +69,7 @@ public class CXFConfiguration {
@Autowired
private WorkflowOnboardingSupport workflowOnboardingSupport;
-
+
@Autowired
private SOAuditLogContainerFilter soAuditLogContainerFilter;
@@ -80,8 +83,8 @@ public class CXFConfiguration {
private VnfAdapterNotify vnfAdapterNotifyServiceImpl;
@Bean
- public ServletRegistrationBean cxfServlet() {
- return new ServletRegistrationBean(new CXFServlet(), "/*");
+ public ServletRegistrationBean<CXFServlet> cxfServlet() {
+ return new ServletRegistrationBean<CXFServlet>(new CXFServlet(), "/*");
}
@Bean
@@ -108,7 +111,8 @@ public class CXFConfiguration {
public Server rsServer() {
JAXRSServerFactoryBean endpoint = new JAXRSServerFactoryBean();
endpoint.setBus(bus);
- endpoint.setServiceBeans(Arrays.<Object>asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport));
+ endpoint.setServiceBeans(
+ Arrays.<Object>asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport));
endpoint.setAddress("/");
endpoint.setFeatures(Arrays.asList(createSwaggerFeature(), new LoggingFeature()));
endpoint.setProviders(Arrays.asList(new JacksonJsonProvider(mapper), soAuditLogContainerFilter));
diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java
index 6900f3099d..c0214a976a 100644
--- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java
+++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java
@@ -25,8 +25,6 @@ package org.onap.so.bpmn.infrastructure;
import java.util.List;
import java.util.concurrent.Executor;
import javax.annotation.PostConstruct;
-import org.camunda.bpm.application.PreUndeploy;
-import org.camunda.bpm.application.ProcessApplicationInfo;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.repository.DeploymentBuilder;
import org.onap.logging.filter.spring.MDCTaskDecorator;
@@ -34,6 +32,7 @@ import org.onap.so.bpmn.common.DefaultToShortClassNameBeanNameGenerator;
import org.onap.so.db.catalog.beans.Workflow;
import org.onap.so.db.catalog.client.CatalogDbClient;
import org.onap.so.logger.LoggingAnchor;
+import org.onap.so.security.SoBasicHttpSecurityConfigurer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -52,12 +51,6 @@ import org.springframework.context.annotation.Primary;
import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
-import javax.annotation.PostConstruct;
-import java.util.List;
-import java.util.concurrent.Executor;
-
-import static java.util.Collections.singletonMap;
-import static org.springframework.boot.context.config.ConfigFileApplicationListener.*;
/**
* @since Version 1.0
*
@@ -66,17 +59,18 @@ import static org.springframework.boot.context.config.ConfigFileApplicationListe
@SpringBootApplication
@EnableAsync
@ComponentScan(basePackages = {"org.onap"}, nameGenerator = DefaultToShortClassNameBeanNameGenerator.class,
- excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class)})
-@EnableAutoConfiguration(exclude= FreeMarkerAutoConfiguration.class)
+ excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class),
+ @Filter(type = FilterType.ASSIGNABLE_TYPE, value = SoBasicHttpSecurityConfigurer.class)})
+@EnableAutoConfiguration(exclude = FreeMarkerAutoConfiguration.class)
public class MSOInfrastructureApplication extends SpringBootServletInitializer {
private static final Logger logger = LoggerFactory.getLogger(MSOInfrastructureApplication.class);
-
+
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
- return application
- .sources(MSOInfrastructureApplication.class);
+ return application.sources(MSOInfrastructureApplication.class);
}
+
@Autowired
private ProcessEngine processEngine;
@@ -118,17 +112,17 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer {
@PostConstruct
public void postConstruct() {
DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment();
-// try {
-// DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment();
-// deployCustomWorkflows(deploymentBuilder);
-// } catch (Exception e) {
-// logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage());
-// }
+ // try {
+ // DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment();
+ // deployCustomWorkflows(deploymentBuilder);
+ // } catch (Exception e) {
+ // logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage());
+ // }
}
-// @PreUndeploy
-// public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo,
-// List<ProcessEngine> processEngines) {}
+ // @PreUndeploy
+ // public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo,
+ // List<ProcessEngine> processEngines) {}
@Bean
@Primary
@@ -147,7 +141,7 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer {
logger.info("Attempting to deploy custom workflows");
try {
List<Workflow> workflows = catalogDbClient.findWorkflowBySource(SDC_SOURCE);
- logger.info("SDC workflows: {}", workflows );
+ logger.info("SDC workflows: {}", workflows);
if (workflows != null && !workflows.isEmpty()) {
for (Workflow workflow : workflows) {
String workflowName = workflow.getName();
diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java
new file mode 100644
index 0000000000..15347f1dc5
--- /dev/null
+++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java
@@ -0,0 +1,50 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2021 Nordix Foundation.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.bpmn.infrastructure;
+
+import org.onap.so.security.HttpSecurityConfigurer;
+import org.onap.so.security.SoUserCredentialConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+/**
+ * @author Waqas Ikram (waqas.ikram@est.tech)
+ *
+ */
+@Primary
+@Component("basic")
+public class SoBpmnInfraBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
+
+ @Autowired
+ private SoUserCredentialConfiguration soUserCredentialConfiguration;
+
+ @Override
+ public void configure(final HttpSecurity http) throws Exception {
+ http.csrf().disable().authorizeRequests()
+ .antMatchers("/app-api/manage", "/app-api/manage/health", "/app-api/manage/info").permitAll()
+ .antMatchers("/**")
+ .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ","))
+ .and().httpBasic();
+ }
+
+}
diff --git a/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml b/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml
index e68d1bad80..3a0060ff79 100644
--- a/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml
+++ b/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml
@@ -1,41 +1,44 @@
-server:
- port: 8080
- tomcat:
- max-threads: 50
+server:
+ port: 8080
+ tomcat:
+ max-threads: 50
mso:
- infra:
- auditInventory: false
- camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
-spring:
- http:
- multipart:
- enabled: false
- main:
- allow-bean-definition-overriding: true
+ infra:
+ auditInventory: false
+ camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
+spring:
+ http:
+ multipart:
+ enabled: false
+ main:
+ allow-bean-definition-overriding: true
+ mvc:
+ servlet:
+ path: /app-api
camunda:
- bpm:
- application:
- delete-upon-undeploy: false
- scan-for-process-definitions: true
- deploy-changed-only: true
- job-execution:
- deployment-aware: true
+ bpm:
+ application:
+ delete-upon-undeploy: false
+ scan-for-process-definitions: true
+ deploy-changed-only: true
+ job-execution:
+ deployment-aware: true
#Actuator
management:
- endpoints:
- web:
- base-path: /manage
- exposure:
- include: "*"
- metrics:
- se-global-registry: false
- export:
- prometheus:
- enabled: true # Whether exporting of metrics to Prometheus is enabled.
- step: 1m # Step size (i.e. reporting frequency) to use.
+ endpoints:
+ web:
+ base-path: /manage
+ exposure:
+ include: '*'
+ metrics:
+ se-global-registry: false
+ export:
+ prometheus:
+ enabled: true # Whether exporting of metrics to Prometheus is enabled.
+ step: 1m # Step size (i.e. reporting frequency) to use.
org:
- onap:
- so:
- adapters:
- network:
- encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
+ onap:
+ so:
+ adapters:
+ network:
+ encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 \ No newline at end of file