Show AC app data visualization in new metrics tab

[portal/ric-dashboard.git] / webapp-backend / src / main / java / org / oransc / ric / portal / dashboard / config / WebSecurityConfiguration.java

diff --git a/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/config/WebSecurityConfiguration.java b/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/config/WebSecurityConfiguration.java
index 4429701..92ea75e 100644 (file)
--- a/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/config/WebSecurityConfiguration.java
+++ b/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/config/WebSecurityConfiguration.java
@@ -21,6 +21,7 @@ package org.oransc.ric.portal.dashboard.config;
 
 import java.io.IOException;
 import java.lang.invoke.MethodHandles;
+import java.lang.reflect.InvocationTargetException;
 
 import org.onap.portalsdk.core.onboarding.crossapi.PortalRestAPIProxy;
 import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
@@ -48,6 +49,7 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 
 @Configuration
 @EnableWebSecurity
@@ -76,7 +78,8 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
                logger.debug("configure: portalapi.username {}", userName);
                // A chain of ".and()" always baffles me
                http.authorizeRequests().anyRequest().authenticated();
-               // http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
+               http.headers().frameOptions().disable();
+               http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
                http.addFilterBefore(portalAuthenticationFilterBean(), BasicAuthenticationFilter.class);
        }
 
@@ -101,8 +104,9 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
                        AppManagerController.CONTROLLER_PATH + "/" + AppManagerController.VERSION_METHOD, //
                        E2ManagerController.CONTROLLER_PATH + "/" + E2ManagerController.HEALTH_METHOD, //
                        E2ManagerController.CONTROLLER_PATH + "/" + E2ManagerController.VERSION_METHOD, //
-                       DashboardConstants.LOGIN_PAGE, //
-                       SimpleErrorController.ERROR_PATH };
+                       SimpleErrorController.ERROR_PATH, //
+                       DashboardConstants.LOGIN_PAGE //
+       };
 
        @Override
        public void configure(WebSecurity web) throws Exception {
@@ -112,7 +116,8 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
 
        @Bean
        public PortalAuthManager portalAuthManagerBean()
-                       throws IOException, ClassNotFoundException, InstantiationException, IllegalAccessException {
+                       throws IOException, ClassNotFoundException, InstantiationException, IllegalAccessException,
+                       IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
                return new PortalAuthManager(appName, userName, password, decryptor, userCookie);
        }
 
@@ -131,7 +136,8 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
         * correctly.
         */
        public PortalAuthenticationFilter portalAuthenticationFilterBean()
-                       throws ClassNotFoundException, InstantiationException, IllegalAccessException, IOException {
+                       throws ClassNotFoundException, InstantiationException, IllegalAccessException, IOException,
+                       IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
                PortalAuthenticationFilter portalAuthenticationFilter = new PortalAuthenticationFilter(portalAuthManagerBean(),
                                dashboardUserManagerBean());
                return portalAuthenticationFilter;