* Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
* reserved.
* ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(DefaultUserConfiguration.class);
protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
+ private static final String SETUP_WEB_USERS_EXCEPTION_MSG = "Exception occurred during the setup of the Web users in memory";
@Autowired
private ClampProperties refProp;
@Value("${clamp.config.security.permission.type.cl:permission-type-cl}")
protected void configure(HttpSecurity http) {
try {
http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**")
- .authenticated().anyRequest().permitAll().and().logout().and().sessionManagement().maximumSessions(1)
- .and().invalidSessionUrl("/designer/timeout.html");
+ .authenticated().anyRequest().permitAll().and().logout()
+ .logoutUrl("/restservices/clds/v1/user/logout").logoutSuccessUrl("/index.html")
+ .invalidateHttpSession(true).deleteCookies("JSESSIONID").and().sessionManagement()
+ .maximumSessions(1);
} catch (Exception e) {
- logger.error("Exception occurred during the setup of the Web users in memory", e);
- throw new CldsUsersException("Exception occurred during the setup of the Web users in memory", e);
+ logger.error(SETUP_WEB_USERS_EXCEPTION_MSG, e);
+ throw new CldsUsersException(SETUP_WEB_USERS_EXCEPTION_MSG, e);
}
}
* defined in cldsUsersFile variable (this file path can be configured in the
* application.properties).
*
- * @param auth
+ * @param auth authentication manager builder
*/
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) {
}
for (CldsUser user : usersList) {
auth.inMemoryAuthentication().withUser(user.getUser()).password(user.getPassword())
- .authorities(user.getPermissionsString()).and().passwordEncoder(passwordEncoder);
+ .authorities(user.getPermissionsString()).and().passwordEncoder(passwordEncoder);
}
} catch (Exception e) {
- logger.error("Exception occurred during the setup of the Web users in memory", e);
- throw new CldsUsersException("Exception occurred during the setup of the Web users in memory", e);
+ logger.error(SETUP_WEB_USERS_EXCEPTION_MSG, e);
+ throw new CldsUsersException(SETUP_WEB_USERS_EXCEPTION_MSG, e);
}
}
* CldsUser.
*
* @return The array of CldsUser
- * @throws IOException
- * In case of the file is not found
+ * @throws IOException In case of the file is not found
*/
private CldsUser[] loadUsers() throws IOException {
logger.info("Load from clds-users.properties");
return new BCryptPasswordEncoder(cldsBcryptEncoderStrength);
} else {
throw new CldsConfigException(
- "Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time.");
+ "Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time.");
}
}
}
\ No newline at end of file