Produced by Araxis Merge on 4/2/2019 1:06:54 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | C:\AraxisMergeCompare\Pri_un\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\configuration\security | OAuth2SecurityConfig.java | Wed Mar 27 19:22:45 2019 UTC |
2 | C:\AraxisMergeCompare\Pri_re\ARS_Backend\ars_app\src\main\java\gov\va\med\ars\configuration\security | OAuth2SecurityConfig.java | Thu Mar 28 17:50:38 2019 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 2 | 146 |
Changed | 1 | 2 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | package go v.va.med.a rs.configu ration.sec urity; | |
2 | ||
3 | import jav ax.servlet .http.Http ServletRes ponse; | |
4 | import jav ax.sql.Dat aSource; | |
5 | ||
6 | import org .springfra mework.bea ns.factory .annotatio n.Autowire d; | |
7 | import org .springfra mework.con text.annot ation.Bean ; | |
8 | import org .springfra mework.con text.annot ation.Conf iguration; | |
9 | import org .springfra mework.sec urity.auth entication .Authentic ationManag er; | |
10 | import org .springfra mework.sec urity.conf ig.annotat ion.authen tication.b uilders.Au thenticati onManagerB uilder; | |
11 | import org .springfra mework.sec urity.conf ig.annotat ion.method .configura tion.Enabl eGlobalMet hodSecurit y; | |
12 | import org .springfra mework.sec urity.conf ig.annotat ion.web.bu ilders.Htt pSecurity; | |
13 | import org .springfra mework.sec urity.conf ig.annotat ion.web.co nfiguratio n.EnableWe bSecurity; | |
14 | import org .springfra mework.sec urity.conf ig.annotat ion.web.co nfiguratio n.WebSecur ityConfigu rerAdapter ; | |
15 | import org .springfra mework.sec urity.web. authentica tion.www.B asicAuthen ticationFi lter; | |
16 | ||
17 | import gov .va.med.ar s.configur ation.spri ng.XSSFilt er; | |
18 | ||
19 | /** | |
20 | * | |
21 | * @author
|
|
22 | * | |
23 | */ | |
24 | @Configura tion | |
25 | @EnableWeb Security | |
26 | @EnableGlo balMethodS ecurity(pr ePostEnabl ed = true) | |
27 | public cla ss OAuth2S ecurityCon fig extend s WebSecur ityConfigu rerAdapter { | |
28 | ||
29 | @A utowired | |
30 | Da taSource d ataSource; | |
31 | ||
32 | /* @Autowired | |
33 | XS SFilter xs sFilter;*/ | |
34 | ||
35 | /* @Autowired | |
36 | pu blic void globalUser Details(Au thenticati onManagerB uilder aut h) throws Exception { | |
37 | *//* * | |
38 | * M odified by Muneshwar Baiah as part Build 1 Sprint2 to store the Oauth2 client de tails | |
39 | *// * | |
40 | auth .jdbcAuthe ntication( ).dataSour ce(dataSou rce) | |
41 | .use rsByUserna meQuery("s elect user name, pass word, enab led from o auth_clien t_info whe re usernam e=?") | |
42 | .aut horitiesBy UsernameQu ery("selec t username , authorit y from oa uth_client _authoriti es where u sername=?" ); | |
43 | }* / | |
44 | ||
45 | @A utowired | |
46 | pu blic void globalUser Details(Au thenticati onManagerB uilder aut h) throws Exception { | |
47 | auth .inMemoryA uthenticat ion() | |
48 | .wit hUser("ars ").passwor d("ars").r oles("ADMI N") | |
49 | .and () | |
50 | .wit hUser("ars 2").passwo rd("ars2") .roles("US ER") | |
51 | .and () | |
52 | .wit hUser("ca2 77").passw ord("ca277 ").roles(" ECAMS"); | |
53 | } | |
54 | ||
55 | @O verride | |
56 | @B ean | |
57 | pu blic Authe nticationM anager aut henticatio nManagerBe an() throw s Exceptio n { | |
58 | retu rn super.a uthenticat ionManager Bean(); | |
59 | } | |
60 | ||
61 | @O verride | |
62 | pr otected vo id configu re(HttpSec urity http ) throws E xception { | |
63 | http .csrf().di sable() | |
64 | .exc eptionHand ling() | |
65 | .aut henticatio nEntryPoin t((request , response , authExce ption) -> response.s endError(H ttpServlet Response.S C_UNAUTHOR IZED)) | |
66 | .and () | |
67 | .aut horizeRequ ests() | |
68 | .ant Matchers(" /**").auth enticated( ) | |
69 | .and () | |
70 | .htt pBasic(); | |
71 | ||
72 | //ht tp.addFilt erBefore(x ssFilter, BasicAuthe nticationF ilter.clas s); | |
73 | } | |
74 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.