diff --git a/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java b/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java
index d244df8d7..e905aec77 100644
--- a/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java
+++ b/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java
@@ -32,8 +32,13 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ System.out.println("AUTHENTICATION");
+ System.out.println(authentication);
+
if (authentication != null) {
+ System.out.println((String)authentication.getCredentials());
+
String token = (String)authentication.getCredentials();
TokenValidator tokenValidator = null;
@@ -63,10 +68,6 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
}
else
throw new AuthenticationServiceException("Authentication failed");
-
-
-// //DELETE THIS, USE THE ABOVE
-// return new UsernamePasswordAuthenticationToken("", "", new ArrayList<>());
}
diff --git a/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java b/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java
index fbb2eda06..492b35ca9 100644
--- a/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java
+++ b/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java
@@ -45,7 +45,7 @@ public class TokenAuthenticationFilter extends GenericFilterBean {
httpResponse.setHeader("Access-Control-Allow-Origin", "*");
httpResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
httpResponse.setHeader("Access-Control-Max-Age", "7200");
- httpResponse.setHeader("Access-Control-Allow-Headers", "content-type, "+HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD);
+ httpResponse.setHeader("Access-Control-Allow-Headers", "content-type, X-CSRF-Token, "+HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD);
// httpResponse.addHeader("Access-Control-Expose-Headers", "xsrf-token , " +HEADER_NATIVE_TOKEN_FIELD+", "+HEADER_GOOGLE_TOKEN_FIELD);
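Review bot: `X-CSRF-Token` is added to `Access-Control-Allow-Headers` as a bare string literal, while the two token header names next to it come from constants, and it is allowed alongside `Access-Control-Allow-Origin: *` on the first context line. With the wildcard origin, any site can pass preflight and send both the CSRF header and the token headers, which weakens any origin-based protection the CSRF token is meant to add. I would define a constant for the header name (for example `HEADER_CSRF_TOKEN_FIELD`, a proposed name) and echo back only origins from a configured allow-list instead of `*`. The enclosing filter method starts and ends outside this hunk, so whether the origin is restricted elsewhere is not visible here.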
diff --git a/dmp-backend/src/main/webapp/WEB-INF/spring-security.xml b/dmp-backend/src/main/webapp/WEB-INF/spring-security.xml
index 2abfd9bc6..fc919aa63 100644
--- a/dmp-backend/src/main/webapp/WEB-INF/spring-security.xml
+++ b/dmp-backend/src/main/webapp/WEB-INF/spring-security.xml
@@ -20,6 +20,8 @@
+
+