Move filter chain cause of autowiring problems
Signed-off-by: SirWayne <dennis.melzer@bosch-si.com>
This commit is contained in:
@@ -13,23 +13,18 @@ import java.util.ArrayList;
|
|||||||
import org.eclipse.hawkbit.im.authentication.MultitenancyIndicator;
|
import org.eclipse.hawkbit.im.authentication.MultitenancyIndicator;
|
||||||
import org.eclipse.hawkbit.im.authentication.PermissionUtils;
|
import org.eclipse.hawkbit.im.authentication.PermissionUtils;
|
||||||
import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
|
import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
|
||||||
import org.eclipse.hawkbit.im.authentication.UserAuthenticationFilter;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
|
||||||
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
|
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.userdetails.User;
|
import org.springframework.security.core.userdetails.User;
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Auto-configuration for the in-memory-user-management.
|
* Auto-configuration for the in-memory-user-management.
|
||||||
@@ -39,9 +34,6 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi
|
|||||||
@ConditionalOnMissingBean(UserDetailsService.class)
|
@ConditionalOnMissingBean(UserDetailsService.class)
|
||||||
public class InMemoryUserManagementConfiguration extends GlobalAuthenticationConfigurerAdapter {
|
public class InMemoryUserManagementConfiguration extends GlobalAuthenticationConfigurerAdapter {
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private AuthenticationConfiguration configuration;
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(final AuthenticationManagerBuilder auth) throws Exception {
|
public void configure(final AuthenticationManagerBuilder auth) throws Exception {
|
||||||
final DaoAuthenticationProvider userDaoAuthenticationProvider = new TenantDaoAuthenticationProvider();
|
final DaoAuthenticationProvider userDaoAuthenticationProvider = new TenantDaoAuthenticationProvider();
|
||||||
@@ -81,26 +73,4 @@ public class InMemoryUserManagementConfiguration extends GlobalAuthenticationCon
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @return the {@link UserAuthenticationFilter} to include into the SP
|
|
||||||
* security configuration.
|
|
||||||
* @throws Exception
|
|
||||||
* lazy bean exception maybe if the authentication manager
|
|
||||||
* cannot be instantiated
|
|
||||||
*/
|
|
||||||
@Bean
|
|
||||||
@ConditionalOnMissingBean
|
|
||||||
public UserAuthenticationFilter userAuthenticationFilter() throws Exception {
|
|
||||||
return new UserAuthenticationFilterBasicAuth(configuration.getAuthenticationManager());
|
|
||||||
}
|
|
||||||
|
|
||||||
private static final class UserAuthenticationFilterBasicAuth extends BasicAuthenticationFilter
|
|
||||||
implements UserAuthenticationFilter {
|
|
||||||
|
|
||||||
private UserAuthenticationFilterBasicAuth(final AuthenticationManager authenticationManager) {
|
|
||||||
super(authenticationManager);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
@@ -50,6 +50,7 @@ import org.slf4j.Logger;
|
|||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Qualifier;
|
import org.springframework.beans.factory.annotation.Qualifier;
|
||||||
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
|
||||||
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
import org.springframework.boot.autoconfigure.security.SecurityProperties;
|
||||||
import org.springframework.boot.context.embedded.FilterRegistrationBean;
|
import org.springframework.boot.context.embedded.FilterRegistrationBean;
|
||||||
import org.springframework.boot.context.embedded.ServletListenerRegistrationBean;
|
import org.springframework.boot.context.embedded.ServletListenerRegistrationBean;
|
||||||
@@ -61,6 +62,7 @@ import org.springframework.http.HttpStatus;
|
|||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
|
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
|
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
@@ -76,6 +78,7 @@ import org.springframework.security.web.authentication.AnonymousAuthenticationFi
|
|||||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||||
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
|
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
|
||||||
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
|
||||||
|
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||||
import org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy;
|
import org.springframework.security.web.header.writers.frameoptions.StaticAllowFromStrategy;
|
||||||
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
|
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter;
|
||||||
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode;
|
import org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter.XFrameOptionsMode;
|
||||||
@@ -103,6 +106,31 @@ public class SecurityManagedConfiguration {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private HawkbitSecurityProperties securityProperties;
|
private HawkbitSecurityProperties securityProperties;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AuthenticationConfiguration configuration;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the {@link UserAuthenticationFilter} to include into the SP
|
||||||
|
* security configuration.
|
||||||
|
* @throws Exception
|
||||||
|
* lazy bean exception maybe if the authentication manager
|
||||||
|
* cannot be instantiated
|
||||||
|
*/
|
||||||
|
@Bean
|
||||||
|
@ConditionalOnMissingBean
|
||||||
|
public UserAuthenticationFilter userAuthenticationFilter() throws Exception {
|
||||||
|
return new UserAuthenticationFilterBasicAuth(configuration.getAuthenticationManager());
|
||||||
|
}
|
||||||
|
|
||||||
|
private static final class UserAuthenticationFilterBasicAuth extends BasicAuthenticationFilter
|
||||||
|
implements UserAuthenticationFilter {
|
||||||
|
|
||||||
|
private UserAuthenticationFilterBasicAuth(final AuthenticationManager authenticationManager) {
|
||||||
|
super(authenticationManager);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* {@link WebSecurityConfigurer} for the internal SP controller API.
|
* {@link WebSecurityConfigurer} for the internal SP controller API.
|
||||||
*/
|
*/
|
||||||
|
|||||||
Reference in New Issue
Block a user