Simplify the user management

[clamp.git] / src / main / java / org / onap / clamp / clds / config / DefaultUserConfiguration.java

diff --git a/src/main/java/org/onap/clamp/clds/config/DefaultUserConfiguration.java b/src/main/java/org/onap/clamp/clds/config/DefaultUserConfiguration.java
index a8ff120..a451586 100644 (file)
--- a/src/main/java/org/onap/clamp/clds/config/DefaultUserConfiguration.java
+++ b/src/main/java/org/onap/clamp/clds/config/DefaultUserConfiguration.java
@@ -32,7 +32,7 @@ import java.io.IOException;
 
 import org.onap.clamp.clds.exception.CldsConfigException;
 import org.onap.clamp.clds.exception.CldsUsersException;
-import org.onap.clamp.clds.service.CldsUser;
+import org.onap.clamp.authorization.CldsUser;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
@@ -56,7 +56,8 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
 
     protected static final EELFLogger logger = EELFManager.getInstance().getLogger(DefaultUserConfiguration.class);
     protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-    private static final String SETUP_WEB_USERS_EXCEPTION_MSG = "Exception occurred during the setup of the Web users in memory";
+    private static final String SETUP_WEB_USERS_EXCEPTION_MSG = "Exception occurred during the "
+            + " setup of the Web users in memory";
     @Autowired
     private ClampProperties refProp;
     @Value("${clamp.config.security.permission.type.cl:permission-type-cl}")
@@ -75,8 +76,10 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) {
         try {
             http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**")
-            .authenticated().anyRequest().permitAll().and().logout().and().sessionManagement().maximumSessions(1)
-            .and().invalidSessionUrl("/designer/timeout.html");
+                    .authenticated().anyRequest().permitAll().and().logout()
+                    .logoutUrl("/restservices/clds/v1/user/logout").logoutSuccessUrl("/index.html")
+                    .invalidateHttpSession(true).deleteCookies("JSESSIONID").and().sessionManagement()
+                    .maximumSessions(1);
 
         } catch (Exception e) {
             logger.error(SETUP_WEB_USERS_EXCEPTION_MSG, e);
@@ -105,7 +108,7 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
             }
             for (CldsUser user : usersList) {
                 auth.inMemoryAuthentication().withUser(user.getUser()).password(user.getPassword())
-                .authorities(user.getPermissionsString()).and().passwordEncoder(passwordEncoder);
+                        .authorities(user.getPermissionsString()).and().passwordEncoder(passwordEncoder);
             }
         } catch (Exception e) {
             logger.error(SETUP_WEB_USERS_EXCEPTION_MSG, e);
@@ -118,8 +121,7 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
      * CldsUser.
      *
      * @return The array of CldsUser
-     * @throws IOException
-     *         In case of the file is not found
+     * @throws IOException In case of the file is not found
      */
     private CldsUser[] loadUsers() throws IOException {
         logger.info("Load from clds-users.properties");
@@ -134,7 +136,7 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
             return new BCryptPasswordEncoder(cldsBcryptEncoderStrength);
         } else {
             throw new CldsConfigException(
-                "Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time.");
+                    "Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time.");
         }
     }
 }
\ No newline at end of file