Fix some issues. Remove origins temporaly
This commit is contained in:
parent
6013bae4c5
commit
2db7769965
|
@ -37,12 +37,9 @@ public class AuthorizationFilter implements Filter {
|
|||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
String token = utils.getToken(request);
|
||||
if (token != null) {
|
||||
System.out.println(token);
|
||||
Authentication auth = authorizationProvider.getAuthentication(token);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
} else {
|
||||
HttpServletResponse response = (HttpServletResponse) res;
|
||||
response.sendError(HttpStatus.UNAUTHORIZED.value(), "No token has been found");
|
||||
return;
|
||||
}
|
||||
filterChain.doFilter(req, res);
|
||||
}
|
||||
|
|
|
@ -6,7 +6,6 @@ import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
|||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
||||
|
||||
public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
||||
|
||||
|
@ -27,7 +26,7 @@ public class AuthorizationFilterConfigurer extends SecurityConfigurerAdapter<Def
|
|||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
AuthorizationFilter customFilter = new AuthorizationFilter(authorizationProvider, utils);
|
||||
http.addFilterBefore(customFilter, BasicAuthenticationFilter.class);
|
||||
http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -20,7 +20,6 @@ public class CorsConfig extends WebMvcConfigurerAdapter {
|
|||
public void addCorsMappings(CorsRegistry registry) {
|
||||
registry.addMapping("/**")
|
||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||
.allowedOrigins(securityConfig.getOriginServer())
|
||||
.allowCredentials(true);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
|
|||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
|
||||
@EnableGlobalMethodSecurity(securedEnabled = true)
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
@EnableWebSecurity
|
||||
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
|
Loading…
Reference in New Issue