Added AAF Integration related changes

[so.git] / asdc-controller / src / main / java / org / onap / so / asdc / WebSecurityConfigImpl.java

diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java b/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java
index b45b4f0..8722d19 100644 (file)
--- a/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java
+++ b/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java
@@ -22,27 +22,57 @@ package org.onap.so.asdc;
 
 import org.onap.so.security.MSOSpringFirewall;
 import org.onap.so.security.WebSecurityConfig;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.util.StringUtils;
 
+@Configuration
 @EnableWebSecurity
 public class WebSecurityConfigImpl extends WebSecurityConfig {
 
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
-                .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and()
-                .httpBasic();
+    @Profile({"basic", "test"})
+    @Bean
+    public WebSecurityConfigurerAdapter basicAuth() {
+        return new WebSecurityConfigurerAdapter() {
+            @Override
+            protected void configure(HttpSecurity http) throws Exception {
+                http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+                        .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and()
+                        .httpBasic();
+            }
+
+            @Override
+            public void configure(WebSecurity web) throws Exception {
+                super.configure(web);
+                StrictHttpFirewall firewall = new MSOSpringFirewall();
+                web.httpFirewall(firewall);
+            }
+
+            @Override
+            protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+                auth.userDetailsService(WebSecurityConfigImpl.this.userDetailsService())
+                        .passwordEncoder(WebSecurityConfigImpl.this.passwordEncoder());
+            }
+
+        };
     }
 
-    @Override
-    public void configure(WebSecurity web) throws Exception {
-        super.configure(web);
-        StrictHttpFirewall firewall = new MSOSpringFirewall();
-        web.httpFirewall(firewall);
+    @Profile("aaf")
+    @Bean
+    public WebSecurityConfigurerAdapter noAuth() {
+        return new WebSecurityConfigurerAdapter() {
+            @Override
+            protected void configure(HttpSecurity http) throws Exception {
+                http.authorizeRequests().anyRequest().permitAll();
+            }
+        };
     }
 
 }