2 * Copyright © 2017-2018 AT&T Intellectual Property.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package org.onap.ccsdk.cds.controllerblueprints.security;
19 import com.att.eelf.configuration.EELFLogger;
20 import com.att.eelf.configuration.EELFManager;
21 import org.springframework.beans.factory.annotation.Value;
22 import org.springframework.context.annotation.Bean;
23 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
24 import org.springframework.security.config.web.server.ServerHttpSecurity;
25 import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
26 import org.springframework.security.core.userdetails.User;
27 import org.springframework.security.core.userdetails.UserDetails;
28 import org.springframework.security.web.server.SecurityWebFilterChain;
30 @SuppressWarnings("unused")
31 @EnableWebFluxSecurity
32 public class ApplicationSecurityConfigurerAdapter {
34 @Value("${basic-auth.user-name}")
35 private String userName;
37 @Value("${basic-auth.hashed-pwd}")
38 private String userHashedPassword;
40 private static EELFLogger log = EELFManager.getInstance().getLogger(ApplicationSecurityConfigurerAdapter.class);
43 public SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) throws Exception {
45 http.csrf().disable();
46 http.authorizeExchange()
47 .pathMatchers("/webjars/**", "/actuator/**").permitAll()
48 .anyExchange().authenticated()
55 public MapReactiveUserDetailsService userDetailsService() {
56 User.UserBuilder userBuilder = User.builder();
57 UserDetails defaultUser = userBuilder
59 .password(userHashedPassword).roles("USER").build();
60 return new MapReactiveUserDetailsService(defaultUser);