diff --git a/src/main/java/org/edgegallery/website/config/ClientAuthenticationSuccessHandler.java b/src/main/java/org/edgegallery/website/config/ClientAuthenticationSuccessHandler.java
index f4b7b6d685a7a6376b861e83a2dee5110f463a99..2512fc2f0c2285930ec095e9ee97c3c48c05c28a 100644
--- a/src/main/java/org/edgegallery/website/config/ClientAuthenticationSuccessHandler.java
+++ b/src/main/java/org/edgegallery/website/config/ClientAuthenticationSuccessHandler.java
@@ -14,9 +14,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.stereotype.Component;
-@Component
 public class ClientAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
 private static final Logger LOGGER = LoggerFactory.getLogger(ClientAuthenticationSuccessHandler.class);
diff --git a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
index bd1446af6aaf3a89a79abf5a666d9b81beaf11e8..1cba339c24e58f087f4de133a5bb7699f899003a 100644
--- a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
+++ b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java
@@ -88,22 +88,21 @@ public class ClientWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 @Override
 public void configure(final HttpSecurity http) throws Exception {
- http.headers().frameOptions().disable()
- .addObjectPostProcessor(new ObjectPostProcessor() {
+ http.headers().frameOptions().disable();
+
+ http.authorizeRequests().withObjectPostProcessor(new ObjectPostProcessor() {
 @Override
- public O postProcess(O object) {
+ public O postProcess(O object) {
 LOGGER.info("postProcess setAlwaysReauthenticate true.");
 object.setAlwaysReauthenticate(true);
 return object;
 }
- });
-
- http.authorizeRequests().antMatchers("/login", "/auth/logout").permitAll()
+ }).antMatchers("/login", "/auth/logout").permitAll()
 // this api will be used by health-check service, so permit all roles to get mec host list in v1.2
 .antMatchers(HttpMethod.GET, "/mecm-inventory/inventory/v1/mechosts").permitAll()
 .antMatchers(HttpMethod.GET, "/health").permitAll().antMatchers("/webssh").permitAll()
- .antMatchers("/wsserver/**").permitAll().anyRequest().authenticated().and()
- .addFilterBefore(oauth2ClientAuthenticationProcessingFilter(), BasicAuthenticationFilter.class).logout()
+ .antMatchers("/wsserver/**").permitAll().anyRequest().authenticated().and().formLogin()
+ .successHandler(new ClientAuthenticationSuccessHandler()).and().logout()
 .addLogoutHandler(new LogoutHandler() {
 @Override
 public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
@@ -121,7 +120,6 @@ public class ClientWebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 /**
 * oauth2ClientAuthenticationProcessingFilter.
 */
- @Bean
 public OAuth2ClientAuthenticationProcessingFilter oauth2ClientAuthenticationProcessingFilter() {
 LOGGER.info("oauth2ClientAuthenticationProcessingFilter in.");
 OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter("/login");
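Review bot: `.successHandler(new ClientAuthenticationSuccessHandler())` builds the handler outside the Spring container, and this commit also drops its `@Component`, so any `@Autowired` or `@Value` member in it would stay null when a login succeeds; the class imports `TokenStore`, which suggests it has such a dependency, though its fields are not shown here. Exposing it from the configurer as `@Bean public ClientAuthenticationSuccessHandler clientAuthenticationSuccessHandler() { return new ClientAuthenticationSuccessHandler(); }` and passing that bean to `successHandler(...)` would keep injection working. Separately, the rewritten first statement still calls `http.headers().frameOptions().disable()`, which drops the X-Frame-Options header from every response and leaves the pages open to framing by other origins; if only same-site framing is needed, `http.headers().frameOptions().sameOrigin();` is the narrower setting. With `addFilterBefore(...)` gone here and `@Bean` removed in the next hunk, `oauth2ClientAuthenticationProcessingFilter()` looks unused and should be deleted or wired back in, since as far as these lines show the `/login` flow now rests on `formLogin()` alone. configure() continues past the end of the hunk.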