cleanup
This commit is contained in:
parent
1685221567
commit
1f3ae1ddd7
@ -14,6 +14,7 @@ import jakarta.servlet.http.HttpServletRequest;
|
|||||||
import javax.xml.parsers.DocumentBuilderFactory;
|
import javax.xml.parsers.DocumentBuilderFactory;
|
||||||
import javax.xml.parsers.ParserConfigurationException;
|
import javax.xml.parsers.ParserConfigurationException;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.function.Supplier;
|
||||||
|
|
||||||
public class CasAuthenticator implements Authenticator {
|
public class CasAuthenticator implements Authenticator {
|
||||||
|
|
||||||
@ -52,7 +53,7 @@ public class CasAuthenticator implements Authenticator {
|
|||||||
|
|
||||||
System.err.println("CasAuthenticator.casValidation using URL: " + url);
|
System.err.println("CasAuthenticator.casValidation using URL: " + url);
|
||||||
|
|
||||||
final var response = restTemplate.getForObject(url, String.class);
|
final var response = tryTo( () -> restTemplate.getForObject(url, String.class));
|
||||||
|
|
||||||
final var doc = DocumentBuilderFactory.newInstance().newDocumentBuilder()
|
final var doc = DocumentBuilderFactory.newInstance().newDocumentBuilder()
|
||||||
.parse(new java.io.ByteArrayInputStream(response.getBytes()));
|
.parse(new java.io.ByteArrayInputStream(response.getBytes()));
|
||||||
@ -68,4 +69,13 @@ public class CasAuthenticator implements Authenticator {
|
|||||||
System.err.println("CAS-user: " + userName);
|
System.err.println("CAS-user: " + userName);
|
||||||
return userName;
|
return userName;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private <T> T tryTo(final Supplier<T> code) {
|
||||||
|
try {
|
||||||
|
final T resultValue = code.get();
|
||||||
|
return resultValue;
|
||||||
|
} catch (final Exception e) {
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -17,11 +17,14 @@ public class WebSecurityConfig {
|
|||||||
public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception {
|
public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception {
|
||||||
return http
|
return http
|
||||||
.authorizeHttpRequests(authorize -> authorize
|
.authorizeHttpRequests(authorize -> authorize
|
||||||
.requestMatchers("/api/**").permitAll() // TODO.impl: implement authentication
|
// TODO.impl: implement CAS authentication via Spring Security
|
||||||
.requestMatchers("/swagger-ui/**").permitAll()
|
.anyRequest().permitAll()
|
||||||
.requestMatchers("/v3/api-docs/**").permitAll()
|
// .requestMatchers("/swagger-ui/**").permitAll()
|
||||||
.requestMatchers("/actuator/**").permitAll()
|
// .requestMatchers("/v3/api-docs/**").permitAll()
|
||||||
.anyRequest().authenticated()
|
// .requestMatchers("/actuator/**").permitAll()
|
||||||
|
// .requestMatchers("/api/ping").permitAll()
|
||||||
|
// .requestMatchers("/api/**").authenticated()
|
||||||
|
//.anyRequest().denyAll()
|
||||||
)
|
)
|
||||||
.csrf(AbstractHttpConfigurer::disable)
|
.csrf(AbstractHttpConfigurer::disable)
|
||||||
.build();
|
.build();
|
||||||
|
@ -39,6 +39,7 @@ spring:
|
|||||||
|
|
||||||
data:
|
data:
|
||||||
rest:
|
rest:
|
||||||
|
# do NOT implicilty expose SpringData repositories as REST-controllers
|
||||||
detection-strategy: annotated
|
detection-strategy: annotated
|
||||||
|
|
||||||
sql:
|
sql:
|
||||||
|
Loading…
x
Reference in New Issue
Block a user