Feature/add tenant and user into mdc (#1806)
* Add MDC * Add tenant/user into MDC in order to be possible to be used in logging Enabled by default. Could be disabled via hawkbit.logging.mdchandler.enable=false Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> --------- Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -178,8 +178,7 @@ public class OidcUserManagementAutoConfiguration {
|
||||
}
|
||||
|
||||
/**
|
||||
* Utility class to extract authorities out of the jwt. It interprets the user's
|
||||
* role as their authorities.
|
||||
* Utility class to extract authorities out of the jwt. It interprets the user's role as their authorities.
|
||||
*/
|
||||
private record DefaultJwtAuthoritiesExtractor(GrantedAuthoritiesMapper authoritiesMapper) implements JwtAuthoritiesExtractor {
|
||||
|
||||
@@ -220,4 +219,4 @@ public class OidcUserManagementAutoConfiguration {
|
||||
return new LinkedHashSet<>(authorities);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -21,6 +21,7 @@ import org.eclipse.hawkbit.im.authentication.TenantAwareUserProperties.User;
|
||||
import org.eclipse.hawkbit.security.DdiSecurityProperties;
|
||||
import org.eclipse.hawkbit.security.InMemoryUserAuthoritiesResolver;
|
||||
import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
|
||||
import org.eclipse.hawkbit.security.MDCHandler;
|
||||
import org.eclipse.hawkbit.security.SecurityContextSerializer;
|
||||
import org.eclipse.hawkbit.security.SecurityContextTenantAware;
|
||||
import org.eclipse.hawkbit.security.SecurityTokenGenerator;
|
||||
@@ -121,36 +122,30 @@ public class SecurityAutoConfiguration {
|
||||
return new SystemSecurityContext(tenantAware, roleHierarchy);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return {@link SecurityTokenGenerator} bean
|
||||
*/
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public MDCHandler mdcHandler() {
|
||||
return MDCHandler.getInstance();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public SecurityTokenGenerator securityTokenGenerator() {
|
||||
return new SecurityTokenGenerator();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return {@link AuthenticationSuccessHandler} bean
|
||||
*/
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public AuthenticationSuccessHandler authenticationSuccessHandler() {
|
||||
return new SimpleUrlAuthenticationSuccessHandler();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return {@link LogoutHandler} bean
|
||||
*/
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public LogoutHandler logoutHandler() {
|
||||
return new SecurityContextLogoutHandler();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return {@link LogoutSuccessHandler} bean
|
||||
*/
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public LogoutSuccessHandler logoutSuccessHandler() {
|
||||
|
||||
@@ -35,6 +35,7 @@ import org.eclipse.hawkbit.security.HttpControllerPreAuthenticateSecurityTokenFi
|
||||
import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedGatewaySecurityTokenFilter;
|
||||
import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedSecurityHeaderFilter;
|
||||
import org.eclipse.hawkbit.security.HttpDownloadAuthenticationFilter;
|
||||
import org.eclipse.hawkbit.security.MDCHandler;
|
||||
import org.eclipse.hawkbit.security.PreAuthTokenSourceTrustAuthenticationProvider;
|
||||
import org.eclipse.hawkbit.security.SystemSecurityContext;
|
||||
import org.eclipse.hawkbit.tenancy.TenantAware;
|
||||
@@ -57,7 +58,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.annotation.web.configurers.HttpBasicConfigurer;
|
||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.Authentication;
|
||||
@@ -206,6 +206,8 @@ public class SecurityManagedConfiguration {
|
||||
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
}
|
||||
|
||||
MDCHandler.getInstance().addLoggingFilter(http);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
@@ -321,6 +323,8 @@ public class SecurityManagedConfiguration {
|
||||
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
}
|
||||
|
||||
MDCHandler.getInstance().addLoggingFilter(http);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
@@ -383,6 +387,8 @@ public class SecurityManagedConfiguration {
|
||||
.addFilterBefore(downloadIdAuthenticationFilter, AuthorizationFilter.class)
|
||||
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
|
||||
|
||||
MDCHandler.getInstance().addLoggingFilter(http);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
@@ -485,6 +491,8 @@ public class SecurityManagedConfiguration {
|
||||
httpSecurityCustomizer.customize(http);
|
||||
}
|
||||
|
||||
MDCHandler.getInstance().addLoggingFilter(http);
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
@@ -521,7 +529,6 @@ public class SecurityManagedConfiguration {
|
||||
return firewall;
|
||||
}
|
||||
|
||||
|
||||
private static class IgnorePathsStrictHttpFirewall extends StrictHttpFirewall {
|
||||
|
||||
private final Collection<String> pathsToIgnore;
|
||||
|
||||
Reference in New Issue
Block a user