MaDgiK-CITE
/
argos
13
0
Fork 0
Code Issues Pull Requests Projects Releases 3 Wiki Activity

Merge branch 'master' of gitlab.eudat.eu:dmp/OpenAIRE-EUDAT-DMP-service-pilot

This commit is contained in:
annampak 2017-10-17 10:38:16 +03:00
parent 7a11d3bb58 2cae022c23
commit b551221222
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
dmp-backend/src/main/java/security/CustomAuthenticationProvider.java
View File

@ -32,8 +32,13 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
@Override @Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException { public Authentication authenticate(Authentication authentication) throws AuthenticationException {
System.out.println("AUTHENTICATION");
System.out.println(authentication);
if (authentication != null) { if (authentication != null) {
System.out.println((String)authentication.getCredentials());
String token = (String)authentication.getCredentials(); String token = (String)authentication.getCredentials();
TokenValidator tokenValidator = null; TokenValidator tokenValidator = null;
@ -63,10 +68,6 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
} }
else else
throw new AuthenticationServiceException("Authentication failed"); throw new AuthenticationServiceException("Authentication failed");
// //DELETE THIS, USE THE ABOVE
// return new UsernamePasswordAuthenticationToken("", "", new ArrayList<>());
} }

2
dmp-backend/src/main/java/security/TokenAuthenticationFilter.java
View File

@ -45,7 +45,7 @@ public class TokenAuthenticationFilter extends GenericFilterBean {
httpResponse.setHeader("Access-Control-Allow-Origin", "*"); httpResponse.setHeader("Access-Control-Allow-Origin", "*");
httpResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); httpResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
httpResponse.setHeader("Access-Control-Max-Age", "7200"); httpResponse.setHeader("Access-Control-Max-Age", "7200");
httpResponse.setHeader("Access-Control-Allow-Headers", "content-type, "+HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD); httpResponse.setHeader("Access-Control-Allow-Headers", "content-type, X-CSRF-Token, "+HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD);
// httpResponse.addHeader("Access-Control-Expose-Headers", "xsrf-token , " +HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD); // httpResponse.addHeader("Access-Control-Expose-Headers", "xsrf-token , " +HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD);

2
dmp-backend/src/main/webapp/WEB-INF/spring-security.xml
View File

@ -20,6 +20,8 @@
<!-- Default to Spring MVC's CORS configuration --> <!-- Default to Spring MVC's CORS configuration -->
<cors /> <cors />
<!-- disable csrf checks -->
<csrf disabled="true"/>
<custom-filter after="BASIC_AUTH_FILTER" ref="tokenAuthenticationFilter" /> <custom-filter after="BASIC_AUTH_FILTER" ref="tokenAuthenticationFilter" />
<intercept-url pattern="/**" access="isAuthenticated()" /> <intercept-url pattern="/**" access="isAuthenticated()" />