Summary Table

Categories Total Count
PII 0
URL 0
DNS 0
EKL 0
IP 0
PORT 0
VsID 0
CF 0
AI 0
VPD 0
PL 0
Other 0

File Content

package gov.va.med.pbm.ampl.configuration;

import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.ErrorPageRegistrar;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.firewall.RequestRejectedException;

/**
* This class configures the security for the Spring Boot application.
*
* @author Ian Meinert
* @since 1.0
*/
@EnableWebSecurity
public class SecurityConfigurer extends WebSecurityConfigurerAdapter {

/**
* This method configures the Http security.
*
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll().and().x509().subjectPrincipalRegex("CN=(.*?)(?:,|$)")
.userDetailsService(userDetailsService()).and().formLogin().disable();
}

/**
* Provides authentication service between the Spring application and Node web service.
*
* @return UserDetailsService
*/
@Bean
public UserDetailsService userDetailsService() {
return (username -> {
if (username.equals("codependent-client1") || username.equals("codependent-client2")) {
return new User(username, new String(), AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
} else {
return null;
}
});
}

/**
* Registers error pages for identified exceptions.
*
* @return an updated ErrorPageRegistrar
*/
@Bean
public static ErrorPageRegistrar securityErrorPageRegistrar() {
return registry -> registry.addErrorPages(new ErrorPage(RequestRejectedException.class, "/errors/500"));
}
}