diff --git a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementConfiguration.java b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementConfiguration.java new file mode 100644 index 000000000..5a745a02b --- /dev/null +++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementConfiguration.java @@ -0,0 +1,98 @@ +package org.eclipse.hawkbit.autoconfigure.security; + +import java.util.ArrayList; + +import org.eclipse.hawkbit.im.authentication.MultitenancyIndicator; +import org.eclipse.hawkbit.im.authentication.PermissionUtils; +import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails; +import org.eclipse.hawkbit.im.authentication.UserAuthenticationFilter; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; +import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; + +/** + * Auto-configuration for the in-memory-user-management. + * + */ +@Configuration +@ConditionalOnMissingBean(UserDetailsService.class) +public class InMemoryUserManagementConfiguration extends GlobalAuthenticationConfigurerAdapter { + + @Autowired + private AuthenticationConfiguration configuration; + + @Override + public void configure(final AuthenticationManagerBuilder auth) throws Exception { + final DaoAuthenticationProvider userDaoAuthenticationProvider = new TenantDaoAuthenticationProvider(); + userDaoAuthenticationProvider.setUserDetailsService(userDetailsService()); + auth.authenticationProvider(userDaoAuthenticationProvider); + } + + /** + * @return the user details service to load a user from memory user manager. + */ + @Bean + @ConditionalOnMissingBean + public UserDetailsService userDetailsService() { + final InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager(new ArrayList<>()); + inMemoryUserDetailsManager.setAuthenticationManager(null); + inMemoryUserDetailsManager.createUser(new User("admin", "admin", PermissionUtils.createAllAuthorityList())); + return inMemoryUserDetailsManager; + } + + /** + * @return the multi-tenancy indicator to disallow multi-tenancy + */ + @Bean + @ConditionalOnMissingBean + public MultitenancyIndicator multiTenancyIndicator() { + return () -> false; + } + + private static class TenantDaoAuthenticationProvider extends DaoAuthenticationProvider { + + @Override + protected Authentication createSuccessAuthentication(final Object principal, + final Authentication authentication, final UserDetails user) { + final UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal, + authentication.getCredentials(), user.getAuthorities()); + result.setDetails(new TenantAwareAuthenticationDetails("DEFAULT", false)); + return result; + } + } + + /** + * @return the {@link UserAuthenticationFilter} to include into the SP + * security configuration. + * @throws Exception + * lazy bean exception maybe if the authentication manager + * cannot be instantiated + */ + @Bean + @ConditionalOnMissingBean + public UserAuthenticationFilter userAuthenticationFilter() throws Exception { + return new UserAuthenticationFilterBasicAuth(configuration.getAuthenticationManager()); + } + + private static final class UserAuthenticationFilterBasicAuth extends BasicAuthenticationFilter + implements UserAuthenticationFilter { + + private UserAuthenticationFilterBasicAuth(final AuthenticationManager authenticationManager) { + super(authenticationManager); + } + + } +} \ No newline at end of file diff --git a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java index 3d07664df..d74b27dc8 100644 --- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java +++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java @@ -8,36 +8,17 @@ */ package org.eclipse.hawkbit.autoconfigure.security; -import java.util.ArrayList; - -import org.eclipse.hawkbit.im.authentication.MultitenancyIndicator; import org.eclipse.hawkbit.im.authentication.PermissionService; -import org.eclipse.hawkbit.im.authentication.PermissionUtils; -import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails; -import org.eclipse.hawkbit.im.authentication.UserAuthenticationFilter; import org.eclipse.hawkbit.security.DdiSecurityProperties; import org.eclipse.hawkbit.security.SecurityContextTenantAware; import org.eclipse.hawkbit.security.SpringSecurityAuditorAware; import org.eclipse.hawkbit.tenancy.TenantAware; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.domain.AuditorAware; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.authentication.dao.DaoAuthenticationProvider; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; -import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; -import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; /** * {@link EnableAutoConfiguration Auto-configuration} for security. @@ -81,95 +62,4 @@ public class SecurityAutoConfiguration { return new SpringSecurityAuditorAware(); } - /** - * Auto-configuration for the in-memory-user-management. - * - * - * - */ - @Configuration - @ConditionalOnMissingBean(value = { UserAuthenticationFilter.class }) - public static class InMemoryUserManagementConfiguration extends GlobalAuthenticationConfigurerAdapter { - - @Autowired - private AuthenticationConfiguration configuration; - - /* - * (non-Javadoc) - * - * @see org.springframework.security.config.annotation.authentication. - * configurers. GlobalAuthenticationConfigurerAdapter - * #configure(org.springframework.security.config.annotation. - * authentication.builders.AuthenticationManagerBuilder) - */ - @Override - public void configure(final AuthenticationManagerBuilder auth) throws Exception { - final DaoAuthenticationProvider userDaoAuthenticationProvider = new TenantDaoAuthenticationProvider(); - userDaoAuthenticationProvider.setUserDetailsService(userDetailsService()); - auth.authenticationProvider(userDaoAuthenticationProvider); - } - - /** - * @return the user details service to load a user from memory user - * manager. - */ - @Bean - public UserDetailsService userDetailsService() { - final InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager( - new ArrayList<>()); - inMemoryUserDetailsManager.setAuthenticationManager(null); - inMemoryUserDetailsManager.createUser(new User("admin", "admin", PermissionUtils.createAllAuthorityList())); - return inMemoryUserDetailsManager; - } - - /** - * @return the multi-tenancy indicator to disallow multi-tenancy - */ - @Bean - public MultitenancyIndicator multiTenancyIndicator() { - return () -> false; - } - - private static class TenantDaoAuthenticationProvider extends DaoAuthenticationProvider { - /* - * (non-Javadoc) - * - * @see org.springframework.security.authentication.dao. - * AbstractUserDetailsAuthenticationProvider - * #createSuccessAuthentication(java.lang.Object, - * org.springframework.security.core.Authentication, - * org.springframework.security.core.userdetails.UserDetails) - */ - @Override - protected Authentication createSuccessAuthentication(final Object principal, - final Authentication authentication, final UserDetails user) { - final UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal, - authentication.getCredentials(), user.getAuthorities()); - result.setDetails(new TenantAwareAuthenticationDetails("DEFAULT", false)); - return result; - } - } - - /** - * @return the {@link UserAuthenticationFilter} to include into the SP - * security configuration. - * @throws Exception - * lazy bean exception maybe if the authentication manager - * cannot be instantiated - */ - @Bean - public UserAuthenticationFilter userAuthenticationFilter() throws Exception { - return new UserAuthenticationFilterBasicAuth(configuration.getAuthenticationManager()); - } - - private static final class UserAuthenticationFilterBasicAuth extends BasicAuthenticationFilter - implements UserAuthenticationFilter { - - private UserAuthenticationFilterBasicAuth(final AuthenticationManager authenticationManager) { - super(authenticationManager); - } - - } - } - } diff --git a/hawkbit-autoconfigure/src/main/resources/META-INF/spring.factories b/hawkbit-autoconfigure/src/main/resources/META-INF/spring.factories index 335054585..7df1f5ed2 100644 --- a/hawkbit-autoconfigure/src/main/resources/META-INF/spring.factories +++ b/hawkbit-autoconfigure/src/main/resources/META-INF/spring.factories @@ -11,4 +11,5 @@ org.eclipse.hawkbit.autoconfigure.eventbus.EventBusAutoConfiguration,\ org.eclipse.hawkbit.autoconfigure.scheduling.AsyncConfigurerAutoConfiguration,\ org.eclipse.hawkbit.autoconfigure.cache.RedisAutoConfiguration,\ org.eclipse.hawkbit.autoconfigure.scheduling.ExecutorAutoConfiguration,\ -org.eclipse.hawkbit.autoconfigure.amqp.AmqpAutoConfiguration +org.eclipse.hawkbit.autoconfigure.amqp.AmqpAutoConfiguration,\ +org.eclipse.hawkbit.autoconfigure.security.InMemoryUserManagementConfiguration diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/common/UserDetailsFormatter.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/common/UserDetailsFormatter.java index 8fb5a8b42..d9a964b04 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/common/UserDetailsFormatter.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/common/UserDetailsFormatter.java @@ -175,11 +175,7 @@ public final class UserDetailsFormatter { private static UserDetails loadUserByUsername(final String username) { final UserDetailsService userDetailsService = SpringContextHelper.getBean(UserDetailsService.class); try { - final UserDetails loadUserByUsername = userDetailsService.loadUserByUsername(username); - if (loadUserByUsername == null) { - throw new UsernameNotFoundException("User not found " + username); - } - return loadUserByUsername; + return userDetailsService.loadUserByUsername(username); } catch (final UsernameNotFoundException e) { return new User(username, "", Collections.emptyList()); }