From 09bc542bc5aa847261227fe9bca79e8b859c1d2f Mon Sep 17 00:00:00 2001 From: "k.triantafyllou" Date: Wed, 25 Nov 2020 12:30:41 +0000 Subject: [PATCH] [AuthorizationLibrary | Trunk]: Add Entry point class to get 401 if user is not loggedin --- .../security/RedisConfig.java | 48 +++++++++++++++++++ .../security/WebSecurityConfig.java | 2 +- 2 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/RedisConfig.java diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/RedisConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/RedisConfig.java new file mode 100644 index 0000000..9b02566 --- /dev/null +++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/RedisConfig.java @@ -0,0 +1,48 @@ +package eu.dnetlib.uoaauthorizationlibrary.security; + +import org.apache.log4j.Logger; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory; +import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession; +import org.springframework.session.web.http.CookieSerializer; +import org.springframework.session.web.http.DefaultCookieSerializer; + +@Configuration +@EnableRedisHttpSession +public class RedisConfig { + + private static final Logger logger = Logger.getLogger(RedisConfig.class); + + @Value("${redis.host:localhost}") + private String host; + + @Value("${redis.port:6379}") + private String port; + + @Value("${redis.password:#{null}}") + private String password; + + @Value("${webbapp.front.domain:.openaire.eu}") + private String domain; + + @Bean + public LettuceConnectionFactory connectionFactory() { + logger.info(String.format("Redis connection listens to %s:%s ",host,port)); + LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port)); + if(password != null) factory.setPassword(password); + return factory; + } + + @Bean + public CookieSerializer cookieSerializer() { + logger.info("Cookie Serializer: Domain is "+domain); + DefaultCookieSerializer serializer = new DefaultCookieSerializer(); + serializer.setCookieName("openAIRESession"); // <1> + serializer.setCookiePath("/"); // <2> +// serializer.setDomainNamePattern(""); //with value "" set's the domain of the service e.g scoobydoo.di.uoa.gr + serializer.setDomainName(domain); + return serializer; + } +} \ No newline at end of file diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java index 0eb602e..52edcfb 100644 --- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java +++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/WebSecurityConfig.java @@ -28,7 +28,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { http.apply(new AuthorizationFilterConfigurer(authorizationProvider, utils)); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); http.authorizeRequests().anyRequest().permitAll(); - http.httpBasic(); + http.httpBasic().authenticationEntryPoint(new EntryPoint()); } }