From: Dan Timoney Date: Tue, 20 Apr 2021 15:59:06 +0000 (-0400) Subject: Use CadiFilter instead of shiro X-Git-Tag: 1.2.0~9 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=a90eecf70419ec4acba6f5a8425300eef7f45290;p=ccsdk%2Fapps.git Use CadiFilter instead of shiro Microservices should use CadiFilter rather than shiro to integrate with AAF Change-Id: I95b9a844b7ac868f864134de7345013001357352 Issue-ID: SDNC-1523 Signed-off-by: Dan Timoney --- diff --git a/ms/sliboot/pom.xml b/ms/sliboot/pom.xml index cde828b7..9f43ca1a 100644 --- a/ms/sliboot/pom.xml +++ b/ms/sliboot/pom.xml @@ -18,8 +18,7 @@ org.onap.ccsdk.apps.ms.sliboot.SlibootApp - 1.5.0 - 2.1.13 + 2.1.21 onap/ccsdk-alpine-j11-image 1.1.1 onap/ccsdk-sliboot-alpine-image @@ -40,17 +39,16 @@ io.swagger swagger-annotations - - org.apache.shiro - shiro-spring-boot-web-starter - ${shiro.version} + + org.springframework.boot + spring-boot-starter-web org.springframework.boot spring-boot-starter-logging - + org.springframework.boot spring-boot-starter-log4j2 @@ -59,12 +57,6 @@ org.springframework.boot spring-boot-starter-validation - - org.onap.aaf.cadi - aaf-cadi-shiro - ${aaf-shiro-bundle.version} - - org.springframework.boot spring-boot-starter-test @@ -84,6 +76,34 @@ springfox-swagger-ui 2.9.2 + + org.onap.aaf.authz + aaf-cadi-client + ${aaf.cadi.version} + + + org.onap.aaf.authz + aaf-cadi-core + ${aaf.cadi.version} + + + org.onap.aaf.authz + aaf-auth-client + ${aaf.cadi.version} + runtime + + + org.onap.aaf.authz + aaf-misc-env + ${aaf.cadi.version} + runtime + + + org.onap.aaf.authz + aaf-misc-rosetta + ${aaf.cadi.version} + runtime + ${project.groupId} services @@ -283,7 +303,6 @@ maven-surefire-plugin 2.19.1 - always ${basedir}/src/test/resources ${basedir}/src/test/resources/svclogic.properties diff --git a/ms/sliboot/src/main/java/org/onap/ccsdk/apps/ms/sliboot/SlibootApp.java b/ms/sliboot/src/main/java/org/onap/ccsdk/apps/ms/sliboot/SlibootApp.java index 9805d004..0d7a547f 100644 --- a/ms/sliboot/src/main/java/org/onap/ccsdk/apps/ms/sliboot/SlibootApp.java +++ b/ms/sliboot/src/main/java/org/onap/ccsdk/apps/ms/sliboot/SlibootApp.java @@ -25,17 +25,16 @@ import org.slf4j.LoggerFactory; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.domain.EntityScan; +import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.ComponentScan; +import org.springframework.core.annotation.Order; import org.springframework.data.jpa.repository.config.EnableJpaRepositories; import org.springframework.transaction.annotation.EnableTransactionManagement; import springfox.documentation.swagger2.annotations.EnableSwagger2; -import org.apache.shiro.realm.Realm; -import org.apache.shiro.realm.text.PropertiesRealm; -import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition; -import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; import org.springframework.context.annotation.Bean; -import org.onap.aaf.cadi.shiro.AAFRealm; + +import org.onap.aaf.cadi.filter.CadiFilter; @SpringBootApplication(scanBasePackages={ "org.onap.ccsdk.apps.ms.sliboot.*", "org.onap.ccsdk.apps.services" }) @EnableJpaRepositories("org.onap.ccsdk.apps.ms.sliboot.*") @@ -51,34 +50,21 @@ public class SlibootApp { } @Bean - public Realm realm() { - - // If cadi prop files is not defined use local properties realm - // src/main/resources/shiro-users.properties - if ("none".equals(System.getProperty("cadi_prop_files", "none"))) { - log.info("cadi_prop_files undefined, AAF Realm will not be set"); - PropertiesRealm realm = new PropertiesRealm(); - return realm; - } else { - AAFRealm realm = new AAFRealm(); - return realm; - } + @Order(1) + public FilterRegistrationBean cadiFilter() { + CadiFilter filter = new CadiFilter(); - } + FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); + registrationBean.setFilter(filter); + if ("none".equals(System.getProperty("cadi_prop_files", "none"))) { + log.info("cadi_prop_files undefined, AAF CADI disabled"); + registrationBean.addUrlPatterns("/xxxx/*"); + } else { + registrationBean.addUrlPatterns("/*"); + registrationBean.addInitParameter("cadi_prop_files", System.getProperty("cadi_prop_files")); + } - @Bean - public ShiroFilterChainDefinition shiroFilterChainDefinition() { - DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition(); - - // if cadi prop files is not set disable authentication - if ("none".equals(System.getProperty("cadi_prop_files", "none"))) { - chainDefinition.addPathDefinition("/**", "anon"); - } else { - log.info("Loaded property cadi_prop_files, AAF REALM set"); - chainDefinition.addPathDefinition("/**", "authcBasic, rest[org.onap.sdnc.odl:odl-api]"); - } - - return chainDefinition; - } + return registrationBean; + } } diff --git a/ms/sliboot/src/test/java/org/onap/ccsdk/apps/ms/sliboot/AppTest.java b/ms/sliboot/src/test/java/org/onap/ccsdk/apps/ms/sliboot/AppTest.java deleted file mode 100644 index 570953e4..00000000 --- a/ms/sliboot/src/test/java/org/onap/ccsdk/apps/ms/sliboot/AppTest.java +++ /dev/null @@ -1,39 +0,0 @@ -package org.onap.ccsdk.apps.ms.sliboot; - -import org.apache.shiro.realm.Realm; -import org.apache.shiro.realm.text.PropertiesRealm; -import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition; -import org.junit.Before; -import org.junit.Test; - -import java.util.Map; - -import static org.junit.Assert.*; - -public class AppTest { - - SlibootApp app; - - @Before - public void setUp() throws Exception { - app = new SlibootApp(); - System.setProperty("serviceLogicProperties", "src/test/resources/svclogic.properties"); - } - - @Test - public void realm() { - Realm realm = app.realm(); - assertTrue(realm instanceof PropertiesRealm); - - - } - - @Test - public void shiroFilterChainDefinition() { - ShiroFilterChainDefinition chainDefinition = app.shiroFilterChainDefinition(); - Map chainMap = chainDefinition.getFilterChainMap(); - assertEquals("anon", chainMap.get("/**")); - - - } -} \ No newline at end of file