From a27a770b6a2db10b0b13ee6d6517028b5736729c Mon Sep 17 00:00:00 2001 From: Michael Hirsch Date: Thu, 28 Jan 2016 10:35:26 +0100 Subject: [PATCH 1/3] removing the default value from the @Value annotation, seems like is not working overwriting the default value with profiles. Removing the default value, it is possible again to overwrite the default value again. --- .../java/org/eclipse/hawkbit/security/SecurityProperties.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java index b9bf45fd0..e6742ebc8 100644 --- a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java +++ b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java @@ -31,7 +31,7 @@ public class SecurityProperties { @Value("${hawkbit.server.controller.security.rp.trustedIPs:#{null}}") private List rpTrustedIPs; - @Value("${hawkbit.server.controller.security.authentication.anonymous.enabled:false}") + @Value("${hawkbit.server.controller.security.authentication.anonymous.enabled}") private Boolean anonymousEnabled; public String getRpCnHeader() { From 877cb1ee24754c3fce4d68dce75f5f7984619f80 Mon Sep 17 00:00:00 2001 From: SirWayne Date: Thu, 28 Jan 2016 15:29:31 +0100 Subject: [PATCH 2/3] Remove @Value annotation and use inner configuration properties to set the default value. Signed-off-by: SirWayne --- .../hawkbit/security/SecurityProperties.java | 112 +++++++++++++----- 1 file changed, 84 insertions(+), 28 deletions(-) diff --git a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java index e6742ebc8..d3c426977 100644 --- a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java +++ b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java @@ -10,8 +10,9 @@ package org.eclipse.hawkbit.security; import java.util.List; -import org.springframework.beans.factory.annotation.Value; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; /** * The common properties for security. @@ -22,47 +23,102 @@ import org.springframework.boot.context.properties.ConfigurationProperties; @ConfigurationProperties public class SecurityProperties { - @Value("${hawkbit.server.controller.security.rp.cnHeader:X-Ssl-Client-Cn}") - private String rpCnHeader; + @Component + @ConfigurationProperties("hawkbit.server.controller.security.rp") + public static class RpProperties { + private String cnHeader = "X-Ssl-Client-Cn"; + private String sslIssuerHashHeader = "X-Ssl-Issuer-Hash-%d"; + private List trustedIPs; - @Value("${hawkbit.server.controller.security.rp.sslIssuerHashHeader:X-Ssl-Issuer-Hash-%d}") - private String rpSslIssuerHashHeader; + /** + * @return the cnHeader + */ + public String getCnHeader() { + return cnHeader; + } - @Value("${hawkbit.server.controller.security.rp.trustedIPs:#{null}}") - private List rpTrustedIPs; + /** + * @param cnHeader + * the cnHeader to set + */ + public void setCnHeader(final String cnHeader) { + this.cnHeader = cnHeader; + } - @Value("${hawkbit.server.controller.security.authentication.anonymous.enabled}") - private Boolean anonymousEnabled; + /** + * @return the sslIssuerHashHeader + */ + public String getSslIssuerHashHeader() { + return sslIssuerHashHeader; + } + + /** + * @param sslIssuerHashHeader + * the sslIssuerHashHeader to set + */ + public void setSslIssuerHashHeader(final String sslIssuerHashHeader) { + this.sslIssuerHashHeader = sslIssuerHashHeader; + } + + /** + * @return the trustedIPs + */ + public List getTrustedIPs() { + return trustedIPs; + } + + /** + * @param trustedIPs + * the trustedIPs to set + */ + public void setTrustedIPs(final List trustedIPs) { + this.trustedIPs = trustedIPs; + } + + } + + @Component + @ConfigurationProperties("hawkbit.server.controller.security.authentication") + public static class AuthenticationsProperties { + private Boolean anonymousEnabled = Boolean.FALSE; + + /** + * @param anonymousEnabled + * the anonymousEnabled to set + */ + public void setAnonymousEnabled(final Boolean anonymousEnabled) { + this.anonymousEnabled = anonymousEnabled; + } + + /** + * @return the anonymousEnabled + */ + public Boolean getAnonymousEnabled() { + return anonymousEnabled; + } + + } + + @Autowired + private RpProperties rppProperties; + + @Autowired + private AuthenticationsProperties authenticationsProperties; public String getRpCnHeader() { - return rpCnHeader; + return rppProperties.getCnHeader(); } public String getRpSslIssuerHashHeader() { - return rpSslIssuerHashHeader; + return rppProperties.getSslIssuerHashHeader(); } public List getRpTrustedIPs() { - return rpTrustedIPs; + return rppProperties.getTrustedIPs(); } public Boolean getAnonymousEnabled() { - return anonymousEnabled; + return authenticationsProperties.getAnonymousEnabled(); } - public void setRpCnHeader(final String rpCnHeader) { - this.rpCnHeader = rpCnHeader; - } - - public void setRpSslIssuerHashHeader(final String rpSslIssuerHashHeader) { - this.rpSslIssuerHashHeader = rpSslIssuerHashHeader; - } - - public void setRpTrustedIPs(final List rpTrustedIPs) { - this.rpTrustedIPs = rpTrustedIPs; - } - - public void setAnonymousEnabled(final Boolean anonymousEnabled) { - this.anonymousEnabled = anonymousEnabled; - } } From d55e52170162fbe82428d4c67333661ed71da7ab Mon Sep 17 00:00:00 2001 From: Michael Hirsch Date: Tue, 2 Feb 2016 17:32:10 +0100 Subject: [PATCH 3/3] fixing security properties for anonymous enabled, adding javadoc Signed-off-by: Michael Hirsch --- .../hawkbit/security/SecurityProperties.java | 30 +++++++++++-------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java index d3c426977..8cc056f15 100644 --- a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java +++ b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityProperties.java @@ -23,6 +23,9 @@ import org.springframework.stereotype.Component; @ConfigurationProperties public class SecurityProperties { + /** + * Inner class for reverse proxy configuration. + */ @Component @ConfigurationProperties("hawkbit.server.controller.security.rp") public static class RpProperties { @@ -77,24 +80,27 @@ public class SecurityProperties { } + /** + * Inner class for anonymous enable configuration. + */ @Component - @ConfigurationProperties("hawkbit.server.controller.security.authentication") - public static class AuthenticationsProperties { - private Boolean anonymousEnabled = Boolean.FALSE; + @ConfigurationProperties("hawkbit.server.controller.security.authentication.anonymous") + public static class AnoymousAuthenticationProperties { + private Boolean enabled = Boolean.FALSE; /** - * @param anonymousEnabled - * the anonymousEnabled to set + * @param enabled + * the enabled to set */ - public void setAnonymousEnabled(final Boolean anonymousEnabled) { - this.anonymousEnabled = anonymousEnabled; + public void setEnabled(final Boolean enabled) { + this.enabled = enabled; } /** - * @return the anonymousEnabled + * @return the enabled */ - public Boolean getAnonymousEnabled() { - return anonymousEnabled; + public Boolean getEnabled() { + return enabled; } } @@ -103,7 +109,7 @@ public class SecurityProperties { private RpProperties rppProperties; @Autowired - private AuthenticationsProperties authenticationsProperties; + private AnoymousAuthenticationProperties authenticationsProperties; public String getRpCnHeader() { return rppProperties.getCnHeader(); @@ -118,7 +124,7 @@ public class SecurityProperties { } public Boolean getAnonymousEnabled() { - return authenticationsProperties.getAnonymousEnabled(); + return authenticationsProperties.getEnabled(); } }