Fix for SO-2598

[so.git] / adapters / mso-vnfm-adapter / mso-vnfm-etsi-adapter / src / main / java / org / onap / so / adapters / vnfmadapter / VnfmBasicHttpSecurityConfigurer.java

diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java
similarity index 66%
rename from adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java
rename to adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java
index a540460..1e0a18a 100644 (file)
--- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicWebSecurityConfigurerAdapter.java
+++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/VnfmBasicHttpSecurityConfigurer.java
@@ -22,34 +22,41 @@
 
 package org.onap.so.adapters.vnfmadapter;
 
-import org.onap.so.security.SoBasicWebSecurityConfigurerAdapter;
+import org.onap.so.security.HttpSecurityConfigurer;
 import org.onap.so.security.SoUserCredentialConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
 
 /**
  * @author Waqas Ikram (waqas.ikram@est.tech)
  * @author Gareth Roper (gareth.roper@est.tech)
  *
  */
-@EnableWebSecurity
-@Configuration
-public class VnfmBasicWebSecurityConfigurerAdapter extends SoBasicWebSecurityConfigurerAdapter {
+@Primary
+@Component
+public class VnfmBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
+
+    @Autowired
+    private SoUserCredentialConfiguration soUserCredentialConfiguration;
 
     @Value("${server.ssl.client-auth:none}")
     private String clientAuth;
-    SoUserCredentialConfiguration soUserCredentialConfiguration;
 
     @Override
-    protected void configure(final HttpSecurity http) throws Exception {
+    public void configure(final HttpSecurity http) throws Exception {
         if (("need").equalsIgnoreCase(clientAuth)) {
             http.csrf().disable().authorizeRequests().anyRequest().permitAll();
         } else {
-            super.configure(http);
-            http.authorizeRequests().antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll();
+            http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+                    .antMatchers(HttpMethod.GET, "/etsi/subscription/notification").permitAll().antMatchers("/**")
+                    .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ","))
+                    .and().httpBasic();
+
         }
     }
 }