From 63c25661e7cc993840c43216e9e21ecf14839f84 Mon Sep 17 00:00:00 2001 From: Nasruddin Date: Wed, 8 Mar 2023 12:13:44 +0530 Subject: [PATCH 1/2] Dummy commit --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 85e7c1d..377dddf 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /.idea/ +/Status From 49b8267bcfd02204644abd130e6dc0d58619c2c7 Mon Sep 17 00:00:00 2001 From: Nasruddin Date: Sat, 17 Feb 2024 20:49:12 +0530 Subject: [PATCH 2/2] Upgrade to spring boot 3.0.5 --- .idea/compiler.xml | 2 +- docker/docker-compose.yml | 16 +++--- .../course-composite-service/pom.xml | 2 +- .../course/configuration/OpenApi.java | 2 +- .../service/CourseCompositeIntegration.java | 27 +++++----- microservices/course-service/pom.xml | 2 +- .../core/course/PersistenceTests.java | 2 - microservices/search-service/pom.xml | 2 +- .../search/persistence/ElasticRepository.java | 12 ++--- microservices/student-service/pom.xml | 2 +- .../student/persistence/StudentEntity.java | 5 +- .../persistence/StudentRepository.java | 6 ++- microservices/vote-service/pom.xml | 2 +- pom.xml | 2 +- .../AuthorizationServerConfig.java | 49 ++++++++++++++----- .../configuration/DefaultSecurityConfig.java | 10 ++-- .../configserver/SecurityConfig.java | 33 ++++++++----- .../configuration/SecurityConfig.java | 21 ++++---- 18 files changed, 119 insertions(+), 78 deletions(-) diff --git a/.idea/compiler.xml b/.idea/compiler.xml index c85c2fd..a02af30 100644 --- a/.idea/compiler.xml +++ b/.idea/compiler.xml @@ -12,8 +12,8 @@ - + diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 28f1e7e..b842a31 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -3,7 +3,7 @@ version: '2.1' services: course: build: ../microservices/course-service - image: javatab/course_service:v1 + image: javatab/course_service:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -15,7 +15,7 @@ services: search: build: ../microservices/search-service - image: javatab/search_service:v1 + image: javatab/search_service:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -27,7 +27,7 @@ services: student: build: ../microservices/student-service - image: javatab/student_service:v1 + image: javatab/student_service:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -39,7 +39,7 @@ services: vote: build: ../microservices/vote-service - image: javatab/vote_service:v1 + image: javatab/vote_service:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -51,7 +51,7 @@ services: course-composite: build: ../microservices/course-composite-service - image: javatab/course_composite_service:v1 + image: javatab/course_composite_service:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -71,7 +71,7 @@ services: retries: 60 postgres: - image: postgres:alpine3.15 + image: postgres:13.7-alpine3.16 mem_limit: 512m ports: - "5432:5432" @@ -119,6 +119,7 @@ services: eureka: build: ../spring-cloud/eureka-server + image: javatab/eureka:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker @@ -127,6 +128,7 @@ services: gateway: build: ../spring-cloud/gateway + image: javatab/gateway:v2 mem_limit: 512m ports: - "8443:8443" @@ -144,6 +146,7 @@ services: - CONFIG_SERVER_USR=${CONFIG_SERVER_USR} - CONFIG_SERVER_PWD=${CONFIG_SERVER_PWD} build: ../spring-cloud/authorization-server + image: javatab/auth-server:v2 mem_limit: 512m #healthcheck: # test: "curl --fail --silent http://localhost:9999/actuator/health | grep UP || exit 1" @@ -153,6 +156,7 @@ services: config-server: build: ../spring-cloud/config-server + image: javatab/config-server:v2 mem_limit: 512m environment: - SPRING_PROFILES_ACTIVE=docker,native diff --git a/microservices/course-composite-service/pom.xml b/microservices/course-composite-service/pom.xml index b784d8f..4f260f6 100644 --- a/microservices/course-composite-service/pom.xml +++ b/microservices/course-composite-service/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 io.javatab.microservices.composite.course diff --git a/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/configuration/OpenApi.java b/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/configuration/OpenApi.java index 44a8d35..918b0f1 100644 --- a/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/configuration/OpenApi.java +++ b/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/configuration/OpenApi.java @@ -22,7 +22,7 @@ scopes = { @OAuthScope(name = "course:read", description = "read scope"), - @OAuthScope(name = "write:write", description = + @OAuthScope(name = "course:write", description = "write scope") } ))) diff --git a/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/service/CourseCompositeIntegration.java b/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/service/CourseCompositeIntegration.java index bf0da74..cc0e177 100644 --- a/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/service/CourseCompositeIntegration.java +++ b/microservices/course-composite-service/src/main/java/io/javatab/microservices/composite/course/service/CourseCompositeIntegration.java @@ -12,6 +12,7 @@ import io.javatab.microservices.util.http.HttpErrorInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.http.HttpStatusCode; import org.springframework.stereotype.Component; import org.springframework.web.reactive.function.client.WebClient; import org.springframework.web.reactive.function.client.WebClientResponseException; @@ -20,6 +21,8 @@ import java.io.IOException; import static java.util.logging.Level.FINE; +import static org.springframework.http.HttpStatus.NOT_FOUND; +import static org.springframework.http.HttpStatus.UNPROCESSABLE_ENTITY; @Component public class CourseCompositeIntegration implements CourseService, StudentService, VoteService { @@ -50,26 +53,20 @@ private String getErrorMessage(WebClientResponseException ex) { private Throwable handleException(Throwable ex) { - if (!(ex instanceof WebClientResponseException)) { + if (!(ex instanceof WebClientResponseException webClientResponseException)) { LOG.warn("Got a unexpected error: {}, will rethrow it", ex.toString()); return ex; } - WebClientResponseException wcre = (WebClientResponseException)ex; - - switch (wcre.getStatusCode()) { - - case NOT_FOUND: - return new NotFoundException(getErrorMessage(wcre)); - - case UNPROCESSABLE_ENTITY : - return new InvalidInputException(getErrorMessage(wcre)); - - default: - LOG.warn("Got an unexpected HTTP error: {}, will rethrow it", wcre.getStatusCode()); - LOG.warn("Error body: {}", wcre.getResponseBodyAsString()); - return ex; + HttpStatusCode statusCode = webClientResponseException.getStatusCode(); + if (NOT_FOUND.equals(statusCode)) { + return new NotFoundException(getErrorMessage(webClientResponseException)); + } else if (UNPROCESSABLE_ENTITY.equals(statusCode)) { + return new InvalidInputException(getErrorMessage(webClientResponseException)); } + LOG.warn("Got an unexpected HTTP error: {}, will rethrow it", webClientResponseException.getStatusCode()); + LOG.warn("Error body: {}", webClientResponseException.getResponseBodyAsString()); + return ex; } @Override public Mono getCourse(int courseId) { diff --git a/microservices/course-service/pom.xml b/microservices/course-service/pom.xml index b09a3e6..822382f 100644 --- a/microservices/course-service/pom.xml +++ b/microservices/course-service/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 io.javatab.microservices.core.course diff --git a/microservices/course-service/src/test/java/io/javatab/microservices/core/course/PersistenceTests.java b/microservices/course-service/src/test/java/io/javatab/microservices/core/course/PersistenceTests.java index bbc18aa..5549968 100644 --- a/microservices/course-service/src/test/java/io/javatab/microservices/core/course/PersistenceTests.java +++ b/microservices/course-service/src/test/java/io/javatab/microservices/core/course/PersistenceTests.java @@ -6,13 +6,11 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.mongo.embedded.EmbeddedMongoAutoConfiguration; import org.springframework.boot.test.autoconfigure.data.mongo.DataMongoTest; import static org.junit.jupiter.api.Assertions.assertEquals; @DataMongoTest( - excludeAutoConfiguration = EmbeddedMongoAutoConfiguration.class, properties = {"spring.cloud.config.enabled=false"} ) public class PersistenceTests extends MongoDbTestBase { diff --git a/microservices/search-service/pom.xml b/microservices/search-service/pom.xml index ea9231f..79ae347 100644 --- a/microservices/search-service/pom.xml +++ b/microservices/search-service/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 io.javatab.microservices.core.search diff --git a/microservices/search-service/src/main/java/io/javatab/microservices/core/search/persistence/ElasticRepository.java b/microservices/search-service/src/main/java/io/javatab/microservices/core/search/persistence/ElasticRepository.java index c85016e..7932d9a 100644 --- a/microservices/search-service/src/main/java/io/javatab/microservices/core/search/persistence/ElasticRepository.java +++ b/microservices/search-service/src/main/java/io/javatab/microservices/core/search/persistence/ElasticRepository.java @@ -1,13 +1,10 @@ package io.javatab.microservices.core.search.persistence; +import co.elastic.clients.elasticsearch.core.DeleteResponse; +import co.elastic.clients.elasticsearch.core.IndexResponse; import com.fasterxml.jackson.databind.ObjectMapper; -import io.javatab.microservices.api.core.course.Course; -import org.elasticsearch.action.admin.indices.delete.DeleteIndexRequest; -import org.elasticsearch.action.delete.DeleteResponse; -import org.elasticsearch.action.index.IndexResponse; -import org.elasticsearch.client.RequestOptions; -import org.springframework.data.elasticsearch.client.reactive.ReactiveElasticsearchClient; +import org.springframework.data.elasticsearch.client.elc.ReactiveElasticsearchClient; import org.springframework.stereotype.Repository; import reactor.core.publisher.Mono; @@ -30,7 +27,8 @@ public Mono createCourse(SearchEntity course) { String id = UUID.randomUUID().toString(); Map documentMapper = objectMapper.convertValue(course, Map.class); - return client.index(indexRequest -> indexRequest.index(COURSE_INDEX).id(id).source(documentMapper)); + // return client.index(indexRequest -> indexRequest.index(COURSE_INDEX).id(id).source(documentMapper)); + return client.index(indexRequest -> indexRequest.index(COURSE_INDEX).id(id).document(documentMapper)); } public Mono deleteCourse() { diff --git a/microservices/student-service/pom.xml b/microservices/student-service/pom.xml index ff6afef..69fd621 100644 --- a/microservices/student-service/pom.xml +++ b/microservices/student-service/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 io.javatab.microservices.core.student diff --git a/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentEntity.java b/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentEntity.java index 6075dda..f8a0661 100644 --- a/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentEntity.java +++ b/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentEntity.java @@ -1,9 +1,12 @@ package io.javatab.microservices.core.student.persistence; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.Id; +import jakarta.persistence.Table; import org.apache.commons.lang3.builder.EqualsBuilder; import org.apache.commons.lang3.builder.HashCodeBuilder; -import javax.persistence.*; @Entity @Table(name = "student") diff --git a/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentRepository.java b/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentRepository.java index 3e78e3f..cbaa867 100644 --- a/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentRepository.java +++ b/microservices/student-service/src/main/java/io/javatab/microservices/core/student/persistence/StudentRepository.java @@ -1,7 +1,9 @@ package io.javatab.microservices.core.student.persistence; -import org.springframework.data.repository.PagingAndSortingRepository; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; -public interface StudentRepository extends PagingAndSortingRepository { +@Repository +public interface StudentRepository extends JpaRepository { } diff --git a/microservices/vote-service/pom.xml b/microservices/vote-service/pom.xml index cb7306c..da99384 100644 --- a/microservices/vote-service/pom.xml +++ b/microservices/vote-service/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 io.javatab.microservices.core.vote diff --git a/pom.xml b/pom.xml index 48c2a3f..4b8df10 100644 --- a/pom.xml +++ b/pom.xml @@ -15,7 +15,7 @@ org.springframework.boot spring-boot-starter-parent - 2.6.6 + 3.0.5 diff --git a/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/AuthorizationServerConfig.java b/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/AuthorizationServerConfig.java index 1102e05..54b5a7e 100644 --- a/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/AuthorizationServerConfig.java +++ b/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/AuthorizationServerConfig.java @@ -9,25 +9,50 @@ import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer; import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.oidc.OidcScopes; import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; -import org.springframework.security.oauth2.server.authorization.config.ProviderSettings; +import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration; +import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer; +import org.springframework.security.oauth2.server.authorization.settings.ClientSettings; +import org.springframework.security.oauth2.server.authorization.settings.TokenSettings; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint; import java.time.Duration; import java.util.UUID; @Configuration(proxyBeanMethods = false) -@Import(OAuth2AuthorizationServerConfiguration.class) public class AuthorizationServerConfig { private static final Logger LOG = LoggerFactory.getLogger(AuthorizationServerConfig.class); + + @Bean + @Order(Ordered.HIGHEST_PRECEDENCE) + public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { + OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http); + http.getConfigurer(OAuth2AuthorizationServerConfigurer.class) + .oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0 + + // @formatter:off + http + .exceptionHandling(exceptions -> + exceptions.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")) + ) + .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt); + // @formatter:on + return http.build(); + } + // @formatter:off @Bean public RegisteredClientRepository registeredClientRepository() { @@ -36,7 +61,7 @@ public RegisteredClientRepository registeredClientRepository() { RegisteredClient writerClient = RegisteredClient.withId(UUID.randomUUID().toString()) .clientId("writer") .clientSecret("secret") - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC) .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN) .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS) @@ -45,14 +70,14 @@ public RegisteredClientRepository registeredClientRepository() { .scope(OidcScopes.OPENID) .scope("product:read") .scope("product:write") - .clientSettings(clientSettings -> clientSettings.requireUserConsent(true)) - .tokenSettings(ts -> ts.accessTokenTimeToLive(Duration.ofHours(1))) + .clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build()) + .tokenSettings(TokenSettings.builder().accessTokenTimeToLive(Duration.ofHours(1)).build()) .build(); RegisteredClient readerClient = RegisteredClient.withId(UUID.randomUUID().toString()) .clientId("reader") .clientSecret("secret") - .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC) + .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC) .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE) .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN) .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS) @@ -60,8 +85,8 @@ public RegisteredClientRepository registeredClientRepository() { .redirectUri("https://localhost:8443/webjars/swagger-ui/oauth2-redirect.html") .scope(OidcScopes.OPENID) .scope("product:read") - .clientSettings(clientSettings -> clientSettings.requireUserConsent(true)) - .tokenSettings(ts -> ts.accessTokenTimeToLive(Duration.ofHours(1))) + .clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build()) + .tokenSettings(TokenSettings.builder().accessTokenTimeToLive(Duration.ofHours(1)).build()) .build(); return new InMemoryRegisteredClientRepository(writerClient, readerClient); } @@ -73,8 +98,8 @@ public JWKSource jwkSource() { return (jwkSelector, securityContext) -> jwkSelector.select(jwkSet); } - @Bean + /* @Bean public ProviderSettings providerSettings() { return new ProviderSettings().issuer("http://auth-server:9999"); - } + }*/ } \ No newline at end of file diff --git a/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/DefaultSecurityConfig.java b/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/DefaultSecurityConfig.java index f52fc19..08747f1 100644 --- a/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/DefaultSecurityConfig.java +++ b/spring-cloud/authorization-server/src/main/java/io/javatab/springcloud/auth/configuration/DefaultSecurityConfig.java @@ -5,7 +5,6 @@ import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; @@ -17,14 +16,15 @@ @EnableWebSecurity public class DefaultSecurityConfig { + private static final Logger LOG = LoggerFactory.getLogger(DefaultSecurityConfig.class); // formatter:off @Bean SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception { http - .authorizeRequests(authorizeRequests -> authorizeRequests - .antMatchers("/actuator/**").permitAll() + .authorizeHttpRequests(authorizeRequests -> authorizeRequests + .requestMatchers("/actuator/**").permitAll() .anyRequest().authenticated() ) .formLogin(withDefaults()); @@ -36,8 +36,8 @@ SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Excepti @Bean UserDetailsService users() { UserDetails user = User.withDefaultPasswordEncoder() - .username("user") - .password("password") + .username("u") + .password("p") .roles("USER") .build(); return new InMemoryUserDetailsManager(user); diff --git a/spring-cloud/config-server/src/main/java/io/javatab/springcloud/configserver/SecurityConfig.java b/spring-cloud/config-server/src/main/java/io/javatab/springcloud/configserver/SecurityConfig.java index 101eb79..bbb7210 100644 --- a/spring-cloud/config-server/src/main/java/io/javatab/springcloud/configserver/SecurityConfig.java +++ b/spring-cloud/config-server/src/main/java/io/javatab/springcloud/configserver/SecurityConfig.java @@ -1,22 +1,33 @@ package io.javatab.springcloud.configserver; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -@Configuration -public class SecurityConfig extends WebSecurityConfigurerAdapter { +import static org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher; - @Override +@Configuration +@EnableWebSecurity +public class SecurityConfig { protected void configure(HttpSecurity http) throws Exception { http - // Disable CRCF to allow POST to /encrypt and /decrypt endpoins - .csrf() - .disable() - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic(); + // Disable CSRF to allow POST to /encrypt and /decrypt endpoints + .csrf(AbstractHttpConfigurer::disable) + .authorizeHttpRequests(expressionInterceptUrlRegistry -> { + try { + expressionInterceptUrlRegistry + .requestMatchers( + antMatcher("/config/**") + ).permitAll() + .anyRequest().authenticated() + .and() + .httpBasic(Customizer.withDefaults()); + } catch (Exception e) { + e.printStackTrace(); + } + }); } } diff --git a/spring-cloud/eureka-server/src/main/java/io/javatab/springcloud/eurekaserver/configuration/SecurityConfig.java b/spring-cloud/eureka-server/src/main/java/io/javatab/springcloud/eurekaserver/configuration/SecurityConfig.java index ab4ab27..42dd982 100644 --- a/spring-cloud/eureka-server/src/main/java/io/javatab/springcloud/eurekaserver/configuration/SecurityConfig.java +++ b/spring-cloud/eureka-server/src/main/java/io/javatab/springcloud/eurekaserver/configuration/SecurityConfig.java @@ -1,15 +1,16 @@ package io.javatab.springcloud.eurekaserver.configuration; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.crypto.password.NoOpPasswordEncoder; @Configuration -public class SecurityConfig extends WebSecurityConfigurerAdapter { +@EnableWebSecurity +public class SecurityConfig { @Value("${app.eureka-username}") private String username; @@ -17,7 +18,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Value("${app.eureka-password}") private String password; - @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication() .passwordEncoder(NoOpPasswordEncoder.getInstance()) @@ -25,15 +25,18 @@ public void configure(AuthenticationManagerBuilder auth) throws Exception { .authorities("USER"); } - @Override protected void configure(HttpSecurity http) throws Exception { http // Disable CSRF to allow services to register themselves with Eureka .csrf() .disable() - .authorizeRequests() - .anyRequest().authenticated() - .and() - .httpBasic(); + .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> { + try { + authorizationManagerRequestMatcherRegistry + .anyRequest().authenticated().and().httpBasic(Customizer.withDefaults()); + } catch (Exception e) { + e.printStackTrace(); + } + }); } }