diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/boot/AbstractSpringBootApplication.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/boot/AbstractSpringBootApplication.java index 0c732ef0e6f..f66cc694a8b 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/boot/AbstractSpringBootApplication.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/boot/AbstractSpringBootApplication.java @@ -8,9 +8,14 @@ import javax.servlet.DispatcherType; +import com.evolveum.midpoint.web.security.MidpointAutowiredBeanFactoryObjectPostProcessor; +import com.evolveum.midpoint.web.security.MidpointSessionRegistry; +import com.evolveum.midpoint.web.security.RemoveUnusedSecurityFilterPublisher; + import org.apache.wicket.Application; import org.apache.wicket.protocol.http.WicketFilter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.config.AutowireCapableBeanFactory; import org.springframework.beans.factory.config.BeanFactoryPostProcessor; import org.springframework.boot.actuate.autoconfigure.endpoint.EndpointAutoConfiguration; import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointAutoConfiguration; @@ -39,6 +44,9 @@ import org.springframework.boot.web.servlet.ServletListenerRegistrationBean; import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Primary; +import org.springframework.security.config.annotation.ObjectPostProcessor; +import org.springframework.security.core.session.SessionRegistry; import org.springframework.web.context.request.RequestContextListener; import org.springframework.web.filter.DelegatingFilterProxy; import ro.isdc.wro.http.WroFilter; @@ -137,9 +145,20 @@ public ErrorPageRegistrar errorPageRegistrar() { return new MidPointErrorPageRegistrar(); } + @Bean + public SessionRegistry sessionRegistry(RemoveUnusedSecurityFilterPublisher removeUnusedSecurityFilterPublisher) { + return new MidpointSessionRegistry(removeUnusedSecurityFilterPublisher); + } + @Bean public static BeanFactoryPostProcessor beanFactoryPostProcessor() { return factory -> factory.registerScope("sessionAndRequest", new SessionAndRequestScopeImpl()); } + + @Primary + @Bean + public ObjectPostProcessor postProcessor(AutowireCapableBeanFactory autowireBeanFactory) { + return new MidpointAutowiredBeanFactoryObjectPostProcessor(autowireBeanFactory); + } } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/BasicWebSecurityConfig.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/BasicWebSecurityConfig.java index 15aafe45328..6e8da7380a7 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/BasicWebSecurityConfig.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/BasicWebSecurityConfig.java @@ -115,17 +115,6 @@ public AuditedAccessDeniedHandler accessDeniedHandler() { return objectObjectPostProcessor.postProcess(new AuditedAccessDeniedHandler()); } - @Primary - @Bean - public ObjectPostProcessor postProcessor(AutowireCapableBeanFactory autowireBeanFactory) { - return new MidpointAutowireBeanFactoryObjectPostProcessor(autowireBeanFactory); - } - - @Bean - public SessionRegistry sessionRegistry(RemoveUnusedSecurityFilterPublisher removeUnusedSecurityFilterPublisher) { - return new MidpointSessionRegistry(removeUnusedSecurityFilterPublisher); - } - @Bean public AuthenticationEntryPoint authenticationEntryPoint() { return new WicketLoginUrlAuthenticationEntryPoint("/login"); diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowireBeanFactoryObjectPostProcessor.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowiredBeanFactoryObjectPostProcessor.java similarity index 81% rename from gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowireBeanFactoryObjectPostProcessor.java rename to gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowiredBeanFactoryObjectPostProcessor.java index 4d6f773af9d..5d9810759a1 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowireBeanFactoryObjectPostProcessor.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAutowiredBeanFactoryObjectPostProcessor.java @@ -24,15 +24,15 @@ * @author skublik */ -public class MidpointAutowireBeanFactoryObjectPostProcessor implements ObjectPostProcessor, DisposableBean, SmartInitializingSingleton { - private static final Trace LOGGER = TraceManager.getTrace(MidpointAutowireBeanFactoryObjectPostProcessor.class); - private final AutowireCapableBeanFactory autowireBeanFactory; +public class MidpointAutowiredBeanFactoryObjectPostProcessor implements ObjectPostProcessor, DisposableBean, SmartInitializingSingleton { + private static final Trace LOGGER = TraceManager.getTrace(MidpointAutowiredBeanFactoryObjectPostProcessor.class); + private final AutowireCapableBeanFactory autowiredBeanFactory; private final List disposableBeans = new ArrayList(); private final List smartSingletons = new ArrayList(); - MidpointAutowireBeanFactoryObjectPostProcessor(AutowireCapableBeanFactory autowireBeanFactory) { - Assert.notNull(autowireBeanFactory, "autowireBeanFactory cannot be null"); - this.autowireBeanFactory = autowireBeanFactory; + public MidpointAutowiredBeanFactoryObjectPostProcessor(AutowireCapableBeanFactory autowiredBeanFactory) { + Assert.notNull(autowiredBeanFactory, "autowiredBeanFactory cannot be null"); + this.autowiredBeanFactory = autowiredBeanFactory; } public T postProcess(T object) { @@ -42,13 +42,13 @@ public T postProcess(T object) { Object result = null; try { - result = this.autowireBeanFactory.initializeBean(object, object.toString()); + result = this.autowiredBeanFactory.initializeBean(object, object.toString()); } catch (RuntimeException var5) { Class type = object.getClass(); throw new RuntimeException("Could not postProcess " + object + " of type " + type, var5); } - this.autowireBeanFactory.autowireBean(object); + this.autowiredBeanFactory.autowireBean(object); if (result instanceof DisposableBean) { this.disposableBeans.add((DisposableBean)result); } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/RemoveUnusedSecurityFilterListener.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/RemoveUnusedSecurityFilterListener.java index 50b0f8dc6d8..6d6a1310e8c 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/RemoveUnusedSecurityFilterListener.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/RemoveUnusedSecurityFilterListener.java @@ -32,11 +32,11 @@ public void onApplicationEvent(RemoveUnusedSecurityFilterEvent event) { LOGGER.trace("Received spring RemoveUnusedSecurityFilterEvent event - " + event.getMpAuthentication()); if (event.getMpAuthentication() != null && CollectionUtils.isNotEmpty(event.getMpAuthentication().getAuthModules()) - && objectObjectPostProcessor instanceof MidpointAutowireBeanFactoryObjectPostProcessor) { + && objectObjectPostProcessor instanceof MidpointAutowiredBeanFactoryObjectPostProcessor) { for (AuthModule module : event.getMpAuthentication().getAuthModules()) { if (module.getSecurityFilterChain() != null && CollectionUtils.isNotEmpty(module.getSecurityFilterChain().getFilters())) { - ((MidpointAutowireBeanFactoryObjectPostProcessor)objectObjectPostProcessor).destroyAndRemoveFilters(module.getSecurityFilterChain().getFilters()); + ((MidpointAutowiredBeanFactoryObjectPostProcessor)objectObjectPostProcessor).destroyAndRemoveFilters(module.getSecurityFilterChain().getFilters()); } } } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/filter/MidpointFilterChainProxy.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/filter/MidpointFilterChainProxy.java index 4a28c0e794a..ced0256cec1 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/filter/MidpointFilterChainProxy.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/filter/MidpointFilterChainProxy.java @@ -14,15 +14,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import com.evolveum.midpoint.model.api.authentication.AuthModule; -import com.evolveum.midpoint.model.api.authentication.MidpointAuthentication; -import com.evolveum.midpoint.web.security.MidpointAutowireBeanFactoryObjectPostProcessor; - -import org.apache.catalina.connector.RequestFacade; -import org.apache.commons.collections4.CollectionUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.config.annotation.ObjectPostProcessor; -import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.FilterChainProxy; import org.springframework.security.web.FilterInvocation;