From 903cfb96ee4d3fdcce5f731cb4685d5ff8836c00 Mon Sep 17 00:00:00 2001
From: Piotr Borelowski
Date: Wed, 15 Jan 2020 17:58:27 +0100
Subject: Added Basic Authorization in receiving Notification
Ve-Vnfm (SOL002) Adapter project
Issue-ID: SO-2574
Signed-off-by: Piotr Borelowski
Change-Id: Ib01bf2301dad5a699751c060cfb28eac6858e003
---
.../configuration/SecurityConfiguration.java | 29 +++++++++++++++++++---
.../adapters/vevnfm/service/SubscriberService.java | 18 +++++++++++---
.../src/main/resources/application.yaml | 2 ++
3 files changed, 42 insertions(+), 7 deletions(-)
(limited to 'adapters/mso-ve-vnfm-adapter/src')
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java
index 32c2559d7b..cc56048262 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java
+++ b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/configuration/SecurityConfiguration.java
@@ -21,15 +21,38 @@
package org.onap.so.adapters.vevnfm.configuration;
import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
+@EnableWebSecurity
public class SecurityConfiguration extends SoBasicWebSecurityConfigurerAdapter {
+ @Value("${notification.url}")
+ private String notificationUrl;
+
+ @Value("${notification.username}")
+ private String notificationUsername;
+
+ @Value("${notification.password}")
+ private String notificationPassword;
+
+ @Autowired
+ private PasswordEncoder passwordEncoder;
+
+ @Override
+ protected void configure(final HttpSecurity https) throws Exception {
+ https.csrf().disable().authorizeRequests().antMatchers(notificationUrl).authenticated().and().httpBasic();
+ }
+
@Override
- protected void configure(final HttpSecurity http) throws Exception {
- http.authorizeRequests().antMatchers().permitAll().and().requestMatchers().antMatchers("/").and()
- .authorizeRequests().anyRequest().authenticated();
+ protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication().withUser(notificationUsername)
+ .password(passwordEncoder.encode(notificationPassword)).authorities("ROLE_USER");
}
}
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
index e413124b4b..aa07ed65a2 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
+++ b/adapters/mso-ve-vnfm-adapter/src/main/java/org/onap/so/adapters/vevnfm/service/SubscriberService.java
@@ -20,6 +20,7 @@
package org.onap.so.adapters.vevnfm.service;
+import java.util.Collections;
import org.onap.so.adapters.vevnfm.subscription.SubscribeSender;
import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.LccnSubscriptionRequest;
import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthentication;
@@ -33,14 +34,20 @@ public class SubscriberService {
private static final char COLON = ':';
- @Value("${notification.url}")
- private String notificationUrl;
+ @Value("${system.url}")
+ private String systemUrl;
@Value("${server.port}")
private String serverPort;
- @Value("${system.url}")
- private String systemUrl;
+ @Value("${notification.url}")
+ private String notificationUrl;
+
+ @Value("${notification.username}")
+ private String notificationUsername;
+
+ @Value("${notification.password}")
+ private String notificationPassword;
@Autowired
private SubscribeSender sender;
@@ -55,6 +62,9 @@ public class SubscriberService {
request.callbackUri(getCallbackUri());
final SubscriptionsAuthenticationParamsBasic paramsBasic = new SubscriptionsAuthenticationParamsBasic();
final SubscriptionsAuthentication authentication = new SubscriptionsAuthentication();
+ paramsBasic.setUserName(notificationUsername);
+ paramsBasic.setPassword(notificationPassword);
+ authentication.setAuthType(Collections.singletonList(SubscriptionsAuthentication.AuthTypeEnum.BASIC));
authentication.setParamsBasic(paramsBasic);
request.authentication(authentication);
diff --git a/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml b/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
index 12197d737d..b16fa6348f 100644
--- a/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
+++ b/adapters/mso-ve-vnfm-adapter/src/main/resources/application.yaml
@@ -22,6 +22,8 @@ system:
notification:
url: /lcm/v1/vnf/instances/notifications
+ username: admin
+ password: a4b3c2d1
mso:
key: 07a7159d3bf51a0e53be7a8f89699be7
--
cgit 1.2.3-korg