From 8de4fba819ecd59c75be41718338b579eaf5264d Mon Sep 17 00:00:00 2001 From: siewrgrz Date: Tue, 17 Mar 2020 12:15:53 +0100 Subject: [PATCH] Spring Security for profile not dev fix --- .../mixeway/fortifyscaapi/SecurityConfig.java | 36 +++++++++---------- .../service/FortifyRestApiService.java | 6 ---- 2 files changed, 18 insertions(+), 24 deletions(-) diff --git a/src/main/java/io/mixeway/fortifyscaapi/SecurityConfig.java b/src/main/java/io/mixeway/fortifyscaapi/SecurityConfig.java index 7a0cb53..46881c6 100644 --- a/src/main/java/io/mixeway/fortifyscaapi/SecurityConfig.java +++ b/src/main/java/io/mixeway/fortifyscaapi/SecurityConfig.java @@ -25,8 +25,7 @@ @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfig { - @Value("${allowed.users}") - private String commonNames; + @Profile("dev") @Configuration @@ -48,6 +47,9 @@ protected void configure(HttpSecurity http) throws Exception { @Configuration public static class ProdSecurityConfiguration extends WebSecurityConfigurerAdapter { + @Value("${allowed.users}") + private String commonNames; + @Override protected void configure(HttpSecurity http) throws Exception { System.out.println("Enabling production mode"); @@ -61,25 +63,23 @@ protected void configure(HttpSecurity http) throws Exception { .subjectPrincipalRegex("CN=(.*?)(?:,|$)") .userDetailsService(userDetailsService()); } - } - - - @Bean - public UserDetailsService userDetailsService() { - return new UserDetailsService() { - @Override - public UserDetails loadUserByUsername(String username) { + @Bean + public UserDetailsService userDetailsService() { + return username -> { if (verifyCN(username)) { return new User(username, "", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER")); } else throw new UsernameNotFoundException("User not found!"); - } - }; - } - private boolean verifyCN(String cn){ - List allowedCNs = - Stream.of(commonNames.split(",")) - .collect(Collectors.toList()); - return allowedCNs.contains(cn); + }; + } + private boolean verifyCN(String cn){ + List allowedCNs = + Stream.of(commonNames.split(",")) + .collect(Collectors.toList()); + return allowedCNs.contains(cn); + } } + + + } diff --git a/src/main/java/io/mixeway/fortifyscaapi/service/FortifyRestApiService.java b/src/main/java/io/mixeway/fortifyscaapi/service/FortifyRestApiService.java index 3907fb9..67ee747 100644 --- a/src/main/java/io/mixeway/fortifyscaapi/service/FortifyRestApiService.java +++ b/src/main/java/io/mixeway/fortifyscaapi/service/FortifyRestApiService.java @@ -73,17 +73,11 @@ public void createScanProcess(CreateScanRequest createScanRequest, FortifyScan f gitResponse = gitClient.pull(createScanRequest,project, path); if (!gitResponse.getStatus()) throw new Exception("Some kind of error during pulling repo for " + project.getProjectName()); - logger.info("Successfully fetched repo for {} commid id is {} branch {}", - project.getProjectName(), - gitResponse.getCommitId(), - project.getBranch() ); - } else { //git clone gitResponse = gitClient.clone(createScanRequest,project, path); if (!gitResponse.getStatus()) throw new Exception("Some kind of error during cloning repo for " + project.getProjectName()); - logger.info("Successfully cloned repo for {} commit id is {}", project.getProjectName(),gitResponse.getCommitId()); } fortifyScaClient.runTranslateForRequest(createScanRequest,project,fortifyScan); }