Code format hawkbit autoconfigure (#1946)

* Code format hawkbit-rest Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> * Code format hawkbit-autoconfigure Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> --------- Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-11-05 11:34:36 +02:00
parent c0c2f20a7d
commit 548c8d28a6
14 changed files with 188 additions and 203 deletions
--- a/hawkbit-autoconfigure/pom.xml
+++ b/hawkbit-autoconfigure/pom.xml
@@ -9,83 +9,84 @@
    SPDX-License-Identifier: EPL-2.0

 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-   <modelVersion>4.0.0</modelVersion>
-   <parent>
-      <groupId>org.eclipse.hawkbit</groupId>
-      <artifactId>hawkbit-parent</artifactId>
-      <version>${revision}</version>
-   </parent>
-   <artifactId>hawkbit-autoconfigure</artifactId>
-   <name>hawkBit :: Spring Boot Autoconfigure</name>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.eclipse.hawkbit</groupId>
+        <artifactId>hawkbit-parent</artifactId>
+        <version>${revision}</version>
+    </parent>
+    <artifactId>hawkbit-autoconfigure</artifactId>
+    <name>hawkBit :: Spring Boot Autoconfigure</name>

-   <dependencies>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-core</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-       <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-dmf-amqp</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-repository-jpa</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-http-security</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-security-core</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-ddi-resource</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-mgmt-resource</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.eclipse.hawkbit</groupId>
-         <artifactId>hawkbit-artifact-repository-filesystem</artifactId>
-         <version>${project.version}</version>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>org.springframework</groupId>
-         <artifactId>spring-context-support</artifactId>
-      </dependency>
-      <dependency>
-         <groupId>io.protostuff</groupId>
-         <artifactId>protostuff-core</artifactId>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-         <groupId>io.protostuff</groupId>
-         <artifactId>protostuff-runtime</artifactId>
-         <optional>true</optional>
-      </dependency>
-      <dependency>
-        <groupId>jakarta.servlet</groupId>
-        <artifactId>jakarta.servlet-api</artifactId>
-        <scope>provided</scope>
-      </dependency>     
-   </dependencies>
+    <dependencies>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-core</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-dmf-amqp</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-repository-jpa</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-http-security</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-security-core</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-ddi-resource</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-mgmt-resource</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.hawkbit</groupId>
+            <artifactId>hawkbit-artifact-repository-filesystem</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.protostuff</groupId>
+            <artifactId>protostuff-core</artifactId>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>io.protostuff</groupId>
+            <artifactId>protostuff-runtime</artifactId>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
 </project>
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/PropertyHostnameResolverAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/PropertyHostnameResolverAutoConfiguration.java
@@ -34,8 +34,7 @@ import org.springframework.context.annotation.PropertySource;
 public class PropertyHostnameResolverAutoConfiguration {

    /**
-     * @param serverProperties
-     *            to get the servers URL
+     * @param serverProperties to get the servers URL
     * @return the default autoconfigure hostname resolver implementation which
     *         is property based specified by the property {@link #url}
     */
@@ -52,8 +51,7 @@ public class PropertyHostnameResolverAutoConfiguration {
    }

    /**
-     * @param urlHandlerProperties
-     *            for bean configuration
+     * @param urlHandlerProperties for bean configuration
     * @return PropertyBasedArtifactUrlHandler bean
     */
    @Bean
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/cache/CacheAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/cache/CacheAutoConfiguration.java
@@ -9,6 +9,7 @@
 */
 package org.eclipse.hawkbit.autoconfigure.cache;

+import com.github.benmanes.caffeine.cache.Caffeine;
 import org.eclipse.hawkbit.cache.TenancyCacheManager;
 import org.eclipse.hawkbit.cache.TenantAwareCacheManager;
 import org.eclipse.hawkbit.tenancy.TenantAware;
@@ -22,8 +23,6 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;

-import com.github.benmanes.caffeine.cache.Caffeine;
-
 /**
 * A configuration for configuring the spring {@link CacheManager} for specific
 * multi-tenancy caching. The caches between tenants must not interfere each
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/DDiApiAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/DDiApiAutoConfiguration.java
@@ -16,7 +16,6 @@ import org.springframework.context.annotation.Import;

 /**
 * Auto-Configuration for enabling the DDI REST-Resources.
- *
 */
@Configuration
@ConditionalOnClass(DdiApiConfiguration.class)
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtApiAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtApiAutoConfiguration.java
@@ -16,7 +16,6 @@ import org.springframework.context.annotation.Import;

 /**
 * Auto-Configuration for enabling the Management API REST-Resources.
- *
 */
@Configuration
@ConditionalOnClass(MgmtApiConfiguration.class)
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/repository/JpaRepositoryAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/repository/JpaRepositoryAutoConfiguration.java
@@ -22,7 +22,6 @@ import org.springframework.integration.support.locks.LockRegistry;

 /**
 * Auto-Configuration for enabling JPA repository.
- *
 */
@Configuration
@ConditionalOnClass({ RepositoryApplicationConfiguration.class })
@@ -30,7 +29,6 @@ import org.springframework.integration.support.locks.LockRegistry;
 public class JpaRepositoryAutoConfiguration {

    /**
-     *
     * @return returns a VirtualPropertyReplacer
     */
    @Bean
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/repository/event/EventPublisherAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/repository/event/EventPublisherAutoConfiguration.java
@@ -11,6 +11,8 @@ package org.eclipse.hawkbit.autoconfigure.repository.event;

 import java.util.concurrent.Executor;

+import io.protostuff.ProtostuffIOUtil;
+import io.protostuff.Schema;
 import org.eclipse.hawkbit.event.BusProtoStuffMessageConverter;
 import org.eclipse.hawkbit.repository.event.ApplicationEventFilter;
 import org.eclipse.hawkbit.repository.event.remote.RemoteTenantAwareEvent;
@@ -35,18 +37,15 @@ import org.springframework.context.support.AbstractApplicationContext;
 import org.springframework.core.ResolvableType;
 import org.springframework.messaging.converter.MessageConverter;

-import io.protostuff.ProtostuffIOUtil;
-import io.protostuff.Schema;
-
 /**
 * Auto configuration for the event bus.
- *
 */
@Configuration
@RemoteApplicationEventScan(basePackages = "org.eclipse.hawkbit.repository.event.remote")
@PropertySource("classpath:/hawkbit-eventbus-defaults.properties")
@EnableConfigurationProperties(BusProperties.class)
 public class EventPublisherAutoConfiguration {
+
    /**
     * Server internal event publisher that allows parallel event processing if
     * the event listener is marked as so.
@@ -95,8 +94,7 @@ public class EventPublisherAutoConfiguration {
        /**
         * Constructor.
         *
-         * @param tenantAware
-         *            the tenant ware
+         * @param tenantAware the tenant ware
         */
        protected TenantAwareApplicationEventPublisher(final TenantAware tenantAware,
                final ApplicationEventFilter applicationEventFilter) {
@@ -136,8 +134,8 @@ public class EventPublisherAutoConfiguration {
    @ConditionalOnBusEnabled
    @ConditionalOnClass({ Schema.class, ProtostuffIOUtil.class })
    protected static class BusProtoStuffAutoConfiguration {
+
        /**
-         * 
         * @return the protostuff io message converter
         */
        @Bean
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/AsyncConfigurerAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/AsyncConfigurerAutoConfiguration.java
@@ -21,7 +21,6 @@ import org.springframework.scheduling.annotation.AsyncConfigurer;
 import org.springframework.scheduling.annotation.EnableAsync;

 /**
- *
 * Auto config fot the exception handler.
 */
@Configuration
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/AsyncConfigurerThreadpoolProperties.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/AsyncConfigurerThreadpoolProperties.java
@@ -13,7 +13,6 @@ import org.springframework.boot.context.properties.ConfigurationProperties;

 /**
 * Properties for the async configurer.
- * 
 */
@ConfigurationProperties("hawkbit.threadpool")
 public class AsyncConfigurerThreadpoolProperties {
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/ExecutorAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/scheduling/ExecutorAutoConfiguration.java
@@ -66,30 +66,6 @@ public class ExecutorAutoConfiguration {
        return new ConcurrentTaskExecutor(asyncExecutor());
    }

-    /**
-     * @return central ThreadPoolExecutor for general purpose multi threaded
-     *         operations. Tries an orderly shutdown when destroyed.
-     */
-    private ThreadPoolExecutor threadPoolExecutor() {
-        final BlockingQueue<Runnable> blockingQueue = new ArrayBlockingQueue<>(
-                asyncConfigurerProperties.getQueuesize());
-        return new ThreadPoolExecutor(asyncConfigurerProperties.getCorethreads(),
-                asyncConfigurerProperties.getMaxthreads(), asyncConfigurerProperties.getIdletimeout(),
-                TimeUnit.MILLISECONDS, blockingQueue,
-                threadFactory("central-executor-pool-%d"),
-                new PoolSizeExceededPolicy());
-    }
-
-    private static class PoolSizeExceededPolicy extends CallerRunsPolicy {
-        @Override
-        public void rejectedExecution(final Runnable r, final ThreadPoolExecutor executor) {
-            log.warn(
-                    "Caller has to run on its own instead of centralExecutorService, reached limit of queue size {}",
-                    executor.getQueue().size());
-            super.rejectedExecution(r, executor);
-        }
-    }
-
    /**
     * @return the executor for UI background processes.
     */
@@ -132,4 +108,29 @@ public class ExecutorAutoConfiguration {
            return thread;
        };
    }
+
+    /**
+     * @return central ThreadPoolExecutor for general purpose multi threaded
+     *         operations. Tries an orderly shutdown when destroyed.
+     */
+    private ThreadPoolExecutor threadPoolExecutor() {
+        final BlockingQueue<Runnable> blockingQueue = new ArrayBlockingQueue<>(
+                asyncConfigurerProperties.getQueuesize());
+        return new ThreadPoolExecutor(asyncConfigurerProperties.getCorethreads(),
+                asyncConfigurerProperties.getMaxthreads(), asyncConfigurerProperties.getIdletimeout(),
+                TimeUnit.MILLISECONDS, blockingQueue,
+                threadFactory("central-executor-pool-%d"),
+                new PoolSizeExceededPolicy());
+    }
+
+    private static class PoolSizeExceededPolicy extends CallerRunsPolicy {
+
+        @Override
+        public void rejectedExecution(final Runnable r, final ThreadPoolExecutor executor) {
+            log.warn(
+                    "Caller has to run on its own instead of centralExecutorService, reached limit of queue size {}",
+                    executor.getQueue().size());
+            super.rejectedExecution(r, executor);
+        }
+    }
 }
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/EnableHawkbitManagedSecurityConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/EnableHawkbitManagedSecurityConfiguration.java
@@ -18,8 +18,6 @@ import org.springframework.context.annotation.Import;

 /**
 * Annotation to enable the managed security configuration.
- * 
- *
 */
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/OidcUserManagementAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/OidcUserManagementAutoConfiguration.java
@@ -16,7 +16,6 @@ import java.util.Map;
 import java.util.Set;

 import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition;
@@ -67,7 +66,7 @@ public class OidcUserManagementAutoConfiguration {

    /**
     * @return a jwt authorities extractor which interprets the roles of a user
-     * as their authorities.
+     *         as their authorities.
     */
    @Bean
    @ConditionalOnMissingBean
@@ -133,7 +132,7 @@ public class OidcUserManagementAutoConfiguration {
     */
    public interface JwtAuthoritiesExtractor {

-        Set<GrantedAuthority> extract(final Jwt token, final ClientRegistration clientRegistration );
+        Set<GrantedAuthority> extract(final Jwt token, final ClientRegistration clientRegistration);
    }

    /**
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java
@@ -19,8 +19,8 @@ import org.eclipse.hawkbit.im.authentication.SpRole;
 import org.eclipse.hawkbit.im.authentication.TenantAwareUserProperties;
 import org.eclipse.hawkbit.im.authentication.TenantAwareUserProperties.User;
 import org.eclipse.hawkbit.security.DdiSecurityProperties;
-import org.eclipse.hawkbit.security.InMemoryUserAuthoritiesResolver;
 import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
+import org.eclipse.hawkbit.security.InMemoryUserAuthoritiesResolver;
 import org.eclipse.hawkbit.security.MdcHandler;
 import org.eclipse.hawkbit.security.SecurityContextSerializer;
 import org.eclipse.hawkbit.security.SecurityContextTenantAware;
@@ -64,7 +64,6 @@ public class SecurityAutoConfiguration {
     *
     * @param authoritiesResolver The user authorities/roles resolver
     * @param securityContextSerializer The security context serializer.
-     *
     * @return the {@link ContextAware} singleton bean.
     */
    @Bean
@@ -111,8 +110,7 @@ public class SecurityAutoConfiguration {
    }

    /**
-     * @param tenantAware
-     *            singleton bean
+     * @param tenantAware singleton bean
     * @return tenantAware {@link SystemSecurityContext}
     */
    @Bean
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
@@ -83,11 +83,74 @@ import org.springframework.web.cors.CorsConfigurationSource;
@PropertySource("classpath:hawkbit-security-defaults.properties")
 public class SecurityManagedConfiguration {

-    private static final int DOS_FILTER_ORDER = -200;
    public static final String ANONYMOUS_CONTROLLER_SECURITY_ENABLED_SHOULD_ONLY_BE_USED_FOR_DEVELOPMENT_PURPOSES = """
            ******************
            ** Anonymous controller security enabled, should only be used for development purposes **
            ******************""";
+    private static final int DOS_FILTER_ORDER = -200;
+
+    /**
+     * Filter to protect the hawkBit server system management interface against too many requests.
+     *
+     * @param securityProperties for filter configuration
+     * @return the spring filter registration bean for registering a denial of service protection filter in the filter chain
+     */
+    @Bean
+    @ConditionalOnProperty(prefix = "hawkbit.server.security.dos.filter", name = "enabled", matchIfMissing = true)
+    public FilterRegistrationBean<DosFilter> dosSystemFilter(final HawkbitSecurityProperties securityProperties) {
+        final FilterRegistrationBean<DosFilter> filterRegBean = dosFilter(Collections.emptyList(),
+                securityProperties.getDos().getFilter(), securityProperties.getClients());
+        filterRegBean.setUrlPatterns(List.of("/system/*"));
+        filterRegBean.setOrder(DOS_FILTER_ORDER);
+        filterRegBean.setName("dosSystemFilter");
+
+        return filterRegBean;
+    }
+
+    /**
+     * HttpFirewall which enables to define a list of allowed host names.
+     *
+     * @return the http firewall.
+     */
+    @Bean
+    public HttpFirewall httpFirewall(final HawkbitSecurityProperties hawkbitSecurityProperties) {
+        final List<String> allowedHostNames = hawkbitSecurityProperties.getAllowedHostNames();
+        final IgnorePathsStrictHttpFirewall firewall = new IgnorePathsStrictHttpFirewall(
+                hawkbitSecurityProperties.getHttpFirewallIgnoredPaths());
+
+        if (!CollectionUtils.isEmpty(allowedHostNames)) {
+            firewall.setAllowedHostnames(hostName -> {
+                log.debug("Firewall check host: {}, allowed: {}", hostName, allowedHostNames.contains(hostName));
+                return allowedHostNames.contains(hostName);
+            });
+        }
+        return firewall;
+    }
+
+    private static FilterRegistrationBean<DosFilter> dosFilter(final Collection<String> includeAntPaths,
+            final HawkbitSecurityProperties.Dos.Filter filterProperties,
+            final HawkbitSecurityProperties.Clients clientProperties) {
+        final FilterRegistrationBean<DosFilter> filterRegBean = new FilterRegistrationBean<>();
+
+        filterRegBean.setFilter(new DosFilter(includeAntPaths, filterProperties.getMaxRead(),
+                filterProperties.getMaxWrite(), filterProperties.getWhitelist(), clientProperties.getBlacklist(),
+                clientProperties.getRemoteIpHeader()));
+
+        return filterRegBean;
+    }
+
+    private static AuthenticationManager setAuthenticationManager(final HttpSecurity http, final DdiSecurityProperties ddiSecurityConfiguration)
+            throws Exception {
+        // configure authentication manager
+        final AuthenticationManager authenticationManager =
+                http
+                        .getSharedObject(AuthenticationManagerBuilder.class)
+                        .authenticationProvider(
+                                new PreAuthTokenSourceTrustAuthenticationProvider(ddiSecurityConfiguration.getRp().getTrustedIPs()))
+                        .build();
+        http.authenticationManager(authenticationManager);
+        return authenticationManager;
+    }

    /**
     * Security configuration for the hawkBit server DDI interface.
@@ -137,7 +200,7 @@ public class SecurityManagedConfiguration {
        protected FilterRegistrationBean<DosFilter> dosFilterDDI(final HawkbitSecurityProperties securityProperties) {
            final FilterRegistrationBean<DosFilter> filterRegBean =
                    dosFilter(List.of(DDI_ANT_MATCHERS),
-                        securityProperties.getDos().getFilter(), securityProperties.getClients());
+                            securityProperties.getDos().getFilter(), securityProperties.getClients());
            filterRegBean.setOrder(DOS_FILTER_ORDER);
            filterRegBean.setName("dosDDiFilter");

@@ -325,36 +388,6 @@ public class SecurityManagedConfiguration {
        }
    }

-    /**
-     * Filter to protect the hawkBit server system management interface against too many requests.
-     *
-     * @param securityProperties for filter configuration
-     * @return the spring filter registration bean for registering a denial of service protection filter in the filter chain
-     */
-    @Bean
-    @ConditionalOnProperty(prefix = "hawkbit.server.security.dos.filter", name = "enabled", matchIfMissing = true)
-    public FilterRegistrationBean<DosFilter> dosSystemFilter(final HawkbitSecurityProperties securityProperties) {
-        final FilterRegistrationBean<DosFilter> filterRegBean = dosFilter(Collections.emptyList(),
-                securityProperties.getDos().getFilter(), securityProperties.getClients());
-        filterRegBean.setUrlPatterns(List.of("/system/*"));
-        filterRegBean.setOrder(DOS_FILTER_ORDER);
-        filterRegBean.setName("dosSystemFilter");
-
-        return filterRegBean;
-    }
-
-    private static FilterRegistrationBean<DosFilter> dosFilter(final Collection<String> includeAntPaths,
-            final HawkbitSecurityProperties.Dos.Filter filterProperties,
-            final HawkbitSecurityProperties.Clients clientProperties) {
-        final FilterRegistrationBean<DosFilter> filterRegBean = new FilterRegistrationBean<>();
-
-        filterRegBean.setFilter(new DosFilter(includeAntPaths, filterProperties.getMaxRead(),
-                filterProperties.getMaxWrite(), filterProperties.getWhitelist(), clientProperties.getBlacklist(),
-                clientProperties.getRemoteIpHeader()));
-
-        return filterRegBean;
-    }
-
    /**
     * Security configuration for the REST management API.
     */
@@ -394,15 +427,13 @@ public class SecurityManagedConfiguration {
        SecurityFilterChain filterChainREST(
                final HttpSecurity http,
                @Autowired(required = false)
-                @Qualifier("hawkbitOAuth2ResourceServerCustomizer")
-                final Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> oauth2ResourceServerCustomizer,
+                @Qualifier("hawkbitOAuth2ResourceServerCustomizer") final Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> oauth2ResourceServerCustomizer,
                // called just before build of the SecurityFilterChain.
                // could be used for instance to set authentication provider
                // Note: implementation of the customizer shall always take in account what is the already set by the
                //       hawkBit
                @Autowired(required = false)
-                @Qualifier("hawkbitHttpSecurityCustomizer")
-                final Customizer<HttpSecurity> httpSecurityCustomizer,
+                @Qualifier("hawkbitHttpSecurityCustomizer") final Customizer<HttpSecurity> httpSecurityCustomizer,
                final SystemManagement systemManagement,
                final SystemSecurityContext systemSecurityContext) throws Exception {
            http
@@ -410,9 +441,9 @@ public class SecurityManagedConfiguration {
                    .authorizeHttpRequests(amrmRegistry ->
                            amrmRegistry
                                    .requestMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
-                                        .hasAnyAuthority(SpPermission.SYSTEM_ADMIN)
+                                    .hasAnyAuthority(SpPermission.SYSTEM_ADMIN)
                                    .anyRequest()
-                                        .authenticated())
+                                    .authenticated())
                    .anonymous(AbstractHttpConfigurer::disable)
                    .csrf(AbstractHttpConfigurer::disable)
                    .requestCache(AbstractHttpConfigurer::disable)
@@ -469,27 +500,6 @@ public class SecurityManagedConfiguration {
        }
    }

-
-    /**
-     * HttpFirewall which enables to define a list of allowed host names.
-     *
-     * @return the http firewall.
-     */
-    @Bean
-    public HttpFirewall httpFirewall(final HawkbitSecurityProperties hawkbitSecurityProperties) {
-        final List<String> allowedHostNames = hawkbitSecurityProperties.getAllowedHostNames();
-        final IgnorePathsStrictHttpFirewall firewall = new IgnorePathsStrictHttpFirewall(
-                hawkbitSecurityProperties.getHttpFirewallIgnoredPaths());
-
-        if (!CollectionUtils.isEmpty(allowedHostNames)) {
-            firewall.setAllowedHostnames(hostName -> {
-                log.debug("Firewall check host: {}, allowed: {}", hostName, allowedHostNames.contains(hostName));
-                return allowedHostNames.contains(hostName);
-            });
-        }
-        return firewall;
-    }
-
    private static class IgnorePathsStrictHttpFirewall extends StrictHttpFirewall {

        private final Collection<String> pathsToIgnore;
@@ -503,6 +513,7 @@ public class SecurityManagedConfiguration {
        public FirewalledRequest getFirewalledRequest(final HttpServletRequest request) {
            if (pathsToIgnore != null && pathsToIgnore.contains(request.getRequestURI())) {
                return new FirewalledRequest(request) {
+
                    @Override
                    public void reset() {
                        // nothing to do
@@ -512,16 +523,4 @@ public class SecurityManagedConfiguration {
            return super.getFirewalledRequest(request);
        }
    }
-
-    private static AuthenticationManager setAuthenticationManager(final HttpSecurity http, final DdiSecurityProperties ddiSecurityConfiguration) throws Exception {
-        // configure authentication manager
-        final AuthenticationManager authenticationManager =
-                http
-                        .getSharedObject(AuthenticationManagerBuilder.class)
-                        .authenticationProvider(
-                                new PreAuthTokenSourceTrustAuthenticationProvider(ddiSecurityConfiguration.getRp().getTrustedIPs()))
-                        .build();
-        http.authenticationManager(authenticationManager);
-        return authenticationManager;
-    }
 }