Skip to content

Instantly share code, notes, and snippets.

@Shallako
Last active September 17, 2020 01:32
Show Gist options
  • Save Shallako/1cd75526ea084c9696a1b5b08d1e49e3 to your computer and use it in GitHub Desktop.
Save Shallako/1cd75526ea084c9696a1b5b08d1e49e3 to your computer and use it in GitHub Desktop.
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
/**
* Security Configuration - LDAP and HTTP Basic Authorizations.
*/
@Configuration
@PropertySource("classpath:application.properties")
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private static final Logger LOG = LoggerFactory.getLogger(SecurityConfig.class);
@Value("${secure-end-points}") private String secureEndPoints;
@Value("${user-search-filter}") private String userSearchFilter;
@Value("${user-dn-patterns}") private String userDnPatterns;
@Value("${ldap-url}") private String url;
@Value("${ldap-port}") private String port;
@Value("${ldap-context-root}") private String contextRoot;
@Value("${manager-dn}") private String managerDn;
@Value("${manager-password}") private String managerPassword;
/**
* Default constructor
*/
public SecurityConfig() {
super();
}
@Override protected void configure(HttpSecurity http) throws Exception {
final String[] endPointsArray = this.secureEndPoints.split(",");
http.csrf()
.disable()
.requestMatchers()
.antMatchers(endPointsArray)
.and()
.authorizeRequests()
.antMatchers(endPointsArray)
.authenticated()
.and()
.httpBasic()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
@Override protected void configure(AuthenticationManagerBuilder auth) throws Exception {
try {
String completeUrl = new StringBuffer(this.url).append(":")
.append(this.port)
.append("/")
.append(this.contextRoot)
.toString();
auth.ldapAuthentication()
.userSearchFilter(userSearchFilter)
.userDnPatterns(userDnPatterns)
.contextSource()
.url(completeUrl)
.managerDn(managerDn)
.managerPassword(managerPassword);
}
catch (Exception ex) {
LOG.error("Handle exception here");
throw ex;
}
}
/**
* In order to resolve ${...} placeholders in definitions or @Value annotations using properties
* from a PropertySource, one must register a PropertySourcesPlaceholderConfigurer. This happens
* automatically when using XML configuration, but must be explicitly registered using a static
* @Bean method when using @Configuration classes.
*/
@Bean public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
}
@justingarrick
Copy link

Suggest getting rid of local string variables for demo purposes as well. Might be a client best practice, but not a general one.

@justingarrick
Copy link

Might want to replace this with a simple LOG.error("Handle exception here"); for demo purposes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment