Unifies security configurations (#2448)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2025-06-12 09:06:50 +03:00
committed by GitHub
parent 4cfd90b745
commit 2098dc6223
4 changed files with 19 additions and 26 deletions

View File

@@ -122,9 +122,6 @@ public class MgmtSecurityConfiguration {
.authenticated())
.anonymous(AbstractHttpConfigurer::disable)
.csrf(AbstractHttpConfigurer::disable)
.requestCache(AbstractHttpConfigurer::disable)
.exceptionHandling(Customizer.withDefaults())
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.addFilterAfter(
// Servlet filter to create metadata after successful authentication over RESTful.
(request, response, chain) -> {
@@ -134,7 +131,10 @@ public class MgmtSecurityConfiguration {
}
chain.doFilter(request, response);
},
SessionManagementFilter.class);
SessionManagementFilter.class)
.requestCache(AbstractHttpConfigurer::disable)
.exceptionHandling(Customizer.withDefaults())
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
if (securityProperties.getCors().isEnabled()) {
http.cors(configurer -> configurer.configurationSource(securityProperties.getCors().toCorsConfigurationSource()));