import org.onap.so.security.MSOSpringFirewall;
import org.onap.so.security.WebSecurityConfig;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.firewall.StrictHttpFirewall;
import org.springframework.util.StringUtils;
+@Configuration
@EnableWebSecurity
public class WebSecurityConfigImpl extends WebSecurityConfig {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
- .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and()
- .httpBasic();
+ @Profile({"basic", "test"})
+ @Bean
+ public WebSecurityConfigurerAdapter basicAuth() {
+ return new WebSecurityConfigurerAdapter() {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+ .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and()
+ .httpBasic();
+ }
+
+ @Override
+ public void configure(WebSecurity web) throws Exception {
+ super.configure(web);
+ StrictHttpFirewall firewall = new MSOSpringFirewall();
+ web.httpFirewall(firewall);
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.userDetailsService(WebSecurityConfigImpl.this.userDetailsService())
+ .passwordEncoder(WebSecurityConfigImpl.this.passwordEncoder());
+ }
+
+ };
}
- @Override
- public void configure(WebSecurity web) throws Exception {
- super.configure(web);
- StrictHttpFirewall firewall = new MSOSpringFirewall();
- web.httpFirewall(firewall);
+ @Profile("aaf")
+ @Bean
+ public WebSecurityConfigurerAdapter noAuth() {
+ return new WebSecurityConfigurerAdapter() {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests().anyRequest().permitAll();
+ }
+ };
}
}