Commit 4d63c750 authored by Meghnath Saha's avatar Meghnath Saha
Browse files

Disabling Spring Web Security for ODI Services

parent 338d1865
Pipeline #64314 failed with stages
in 12 minutes and 12 seconds
/* Licensed Materials - Property of IBM */ /* Licensed Materials - Property of IBM */
/* (c) Copyright IBM Corp. 2020. All Rights Reserved.*/ /* (c) Copyright IBM Corp. 2020. All Rights Reserved.*/
package org.opengroup.osdu.notification.provider.ibm.security; package org.opengroup.osdu.notification.provider.ibm.security;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration @Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true) @EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests() http.csrf().disable();
.antMatchers("/test/challenge/**", // .authorizeRequests()
"/v1/api-docs", // .antMatchers("/test/challenge/**",
"/configuration/ui", // "/v1/api-docs",
"/swagger-resources/**", // "/configuration/ui",
"/configuration/security", // "/swagger-resources/**",
"/swagger-ui.html", // "/configuration/security",
"/info", // "/swagger-ui.html",
"/webjars/**") // "/info",
.permitAll().anyRequest().authenticated().and().oauth2ResourceServer().jwt(); // "/webjars/**")
} // .permitAll().anyRequest().authenticated().and().oauth2ResourceServer().jwt();
}
}
\ No newline at end of file }
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment