lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Make HttpControllerPreAuthenticatedSecurityHeaderFilter a bean (#722)

Browse Source 
This makes it possible to overwrite the security header filter in an
extensions, which is desirable since the current default hawkBit
implementation relies on custom HTTP headers.

Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
This commit is contained in:
Stefan Schake
2018-09-17 09:33:19 +02:00
committed by Dominic Schabel
parent 095af0541c
commit 29ebed9b80
1 changed files with 25 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
View File

@@ -135,6 +135,23 @@ public class SecurityManagedConfiguration {
}
@Bean
@ConditionalOnMissingBean
public HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter(
final DdiSecurityProperties ddiSecurityConfiguration,
final TenantConfigurationManagement tenantConfigurationManagement, final TenantAware tenantAware,
final SystemSecurityContext systemSecurityContext, final AuthenticationManager authenticationManager)
throws Exception {
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter = new HttpControllerPreAuthenticatedSecurityHeaderFilter(
ddiSecurityConfiguration.getRp().getCnHeader(),
ddiSecurityConfiguration.getRp().getSslIssuerHashHeader(), tenantConfigurationManagement, tenantAware,
systemSecurityContext);
securityHeaderFilter.setAuthenticationManager(authenticationManager);
securityHeaderFilter.setCheckForPrincipalChanges(true);
securityHeaderFilter.setAuthenticationDetailsSource(new ControllerTenantAwareAuthenticationDetailsSource());
return securityHeaderFilter;
}
/**
* {@link WebSecurityConfigurer} for the hawkBit server DDI interface.
*/
@@ -156,18 +173,21 @@ public class SecurityManagedConfiguration {
private final DdiSecurityProperties ddiSecurityConfiguration;
private final SecurityProperties springSecurityProperties;
private final SystemSecurityContext systemSecurityContext;
private final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter;
@Autowired
ControllerSecurityConfigurationAdapter(final ControllerManagement controllerManagement,
final TenantConfigurationManagement tenantConfigurationManagement, final TenantAware tenantAware,
final DdiSecurityProperties ddiSecurityConfiguration, final SecurityProperties springSecurityProperties,
final SystemSecurityContext systemSecurityContext) {
final SystemSecurityContext systemSecurityContext,
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter) {
this.controllerManagement = controllerManagement;
this.tenantConfigurationManagement = tenantConfigurationManagement;
this.tenantAware = tenantAware;
this.ddiSecurityConfiguration = ddiSecurityConfiguration;
this.springSecurityProperties = springSecurityProperties;
this.systemSecurityContext = systemSecurityContext;
this.securityHeaderFilter = securityHeaderFilter;
}
/**
@@ -197,13 +217,7 @@ public class SecurityManagedConfiguration {
final ControllerTenantAwareAuthenticationDetailsSource authenticationDetailsSource = new ControllerTenantAwareAuthenticationDetailsSource();
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter = new HttpControllerPreAuthenticatedSecurityHeaderFilter(
ddiSecurityConfiguration.getRp().getCnHeader(),
ddiSecurityConfiguration.getRp().getSslIssuerHashHeader(), tenantConfigurationManagement,
tenantAware, systemSecurityContext);
securityHeaderFilter.setAuthenticationManager(authenticationManager());
securityHeaderFilter.setCheckForPrincipalChanges(true);
securityHeaderFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
final HttpControllerPreAuthenticateSecurityTokenFilter securityTokenFilter = new HttpControllerPreAuthenticateSecurityTokenFilter(
tenantConfigurationManagement, tenantAware, controllerManagement, systemSecurityContext);
@@ -272,18 +286,21 @@ public class SecurityManagedConfiguration {
private final DdiSecurityProperties ddiSecurityConfiguration;
private final SecurityProperties springSecurityProperties;
private final SystemSecurityContext systemSecurityContext;
private final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter;
@Autowired
ControllerDownloadSecurityConfigurationAdapter(final ControllerManagement controllerManagement,
final TenantConfigurationManagement tenantConfigurationManagement, final TenantAware tenantAware,
final DdiSecurityProperties ddiSecurityConfiguration, final SecurityProperties springSecurityProperties,
final SystemSecurityContext systemSecurityContext) {
final SystemSecurityContext systemSecurityContext,
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter) {
this.controllerManagement = controllerManagement;
this.tenantConfigurationManagement = tenantConfigurationManagement;
this.tenantAware = tenantAware;
this.ddiSecurityConfiguration = ddiSecurityConfiguration;
this.springSecurityProperties = springSecurityProperties;
this.systemSecurityContext = systemSecurityContext;
this.securityHeaderFilter = securityHeaderFilter;
}
/**
@@ -313,13 +330,7 @@ public class SecurityManagedConfiguration {
final ControllerTenantAwareAuthenticationDetailsSource authenticationDetailsSource = new ControllerTenantAwareAuthenticationDetailsSource();
final HttpControllerPreAuthenticatedSecurityHeaderFilter securityHeaderFilter = new HttpControllerPreAuthenticatedSecurityHeaderFilter(
ddiSecurityConfiguration.getRp().getCnHeader(),
ddiSecurityConfiguration.getRp().getSslIssuerHashHeader(), tenantConfigurationManagement,
tenantAware, systemSecurityContext);
securityHeaderFilter.setAuthenticationManager(authenticationManager());
securityHeaderFilter.setCheckForPrincipalChanges(true);
securityHeaderFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
final HttpControllerPreAuthenticateSecurityTokenFilter securityTokenFilter = new HttpControllerPreAuthenticateSecurityTokenFilter(
tenantConfigurationManagement, tenantAware, controllerManagement, systemSecurityContext);