Updated

manishsingh27 · Sep 19, 2017 · 863d367 · 863d367
1 parent 3c11afe
commit 863d367
Show file tree

Hide file tree

Showing 21 changed files with 467 additions and 107 deletions.
diff --git a/authz/pom.xml b/authz/pom.xml
@@ -100,6 +100,7 @@
 			<groupId>javax.mail</groupId>
 			<artifactId>javax.mail-api</artifactId>
 		</dependency> -->
+
 	</dependencies>
 
 	<dependencyManagement>

diff --git a/authz/src/main/java/com/adms/authz/config/ResourceServiceConfiguration.java b/authz/src/main/java/com/adms/authz/config/ResourceServiceConfiguration.java
@@ -1,17 +1,26 @@
 package com.adms.authz.config;
 
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 
 @Configuration
 @EnableResourceServer
+@Order(1)
 public class ResourceServiceConfiguration extends ResourceServerConfigurerAdapter {
 
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
-		http.csrf().disable().authorizeRequests().antMatchers("/uaa/v1/api/**").hasAnyAuthority ("ROLE_READER","ROLE_USER");
+		http.
+		antMatcher("/v1/api/**")
+		.csrf().disable()
+		.authorizeRequests()
+			.antMatchers("/v1/api/**").hasAnyAuthority ("READ_PRIVILEGE","WRITE_PRIVILEGE");
+		//.anyRequest().authenticated();
 	}
+
 
 }
diff --git a/authz/src/main/java/com/adms/authz/config/SecurityConfiguration.java b/authz/src/main/java/com/adms/authz/config/SecurityConfiguration.java
@@ -1,4 +1,4 @@
-package com.adms.authz.config;
+/*package com.adms.authz.config;
 
 import javax.sql.DataSource;
 
@@ -10,6 +10,7 @@
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -24,6 +25,7 @@
 import com.adms.authz.user.service.SocialUserService;
 
 @Configuration
+@EnableGlobalMethodSecurity(prePostEnabled = true)
 @Order(-20)
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	
@@ -74,11 +76,18 @@ public <O extends SocialAuthenticationFilter> O postProcess(O socialAuthenticati
 		http
 			.formLogin().loginPage("/login").permitAll()
 		.and()
-			.requestMatchers().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access", "/auth/**", "/v1/user", "/view/register.html", "/view/headers.html", 
-					"/view/login.html","/view/regHeaders.html", "/v1/api/user/registrationConfirm*")
+			.requestMatchers().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access", "/auth/**", "/view/register.html", "/v1/user", "/view/headers.html",
+					"/view/login.html", "/view/regHeaders.html", "/view/forgotPWPage.html",
+					"/view/forgotPWSuccessPage.html", "/v1/api/user/registrationConfirm*",
+					"/v1/user/resetPassword", "/v1/api/user/changePassword*")
 		.and()
 			.authorizeRequests()
-			.antMatchers("/view/register.html", "/v1/user", "/view/headers.html", "/view/login.html", "/view/regHeaders.html", "/v1/api/user/registrationConfirm*").permitAll()
+			.antMatchers("/logout*", "/view/register.html", "/v1/user", "/view/headers.html",
+					"/view/login.html", "/view/regHeaders.html", "/view/forgotPWPage.html",
+					"/view/forgotPWSuccessPage.html", "/v1/api/user/registrationConfirm*",
+					"/v1/user/resetPassword", "/v1/api/user/changePassword*").permitAll()
+			//.antMatchers("/view/register.html", "/v1/user", "/view/headers.html", "/view/login.html", "/view/regHeaders.html", "/v1/api/user/registrationConfirm*")
+			//.permitAll()
 			.anyRequest().authenticated().and()
 			.csrf().disable()
 			// add custom authentication filter for complete stateless JWT based authentication
@@ -89,26 +98,26 @@ public <O extends SocialAuthenticationFilter> O postProcess(O socialAuthenticati
 		// @formatter:on
 	}
 	
-	/*@Bean
+	@Bean
 	@Override
 	public AuthenticationManager authenticationManager() throws Exception {
 		return super.authenticationManager();
-	}*/
+	}
 	
 	@Override
 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 		//auth.parentAuthenticationManager(authenticationManager);	
 		auth.userDetailsService(userDetailsService)
 			.passwordEncoder(bCryptPasswordEncoder);
 		
-		/*auth.
+		auth.
 		jdbcAuthentication()
 			.usersByUsernameQuery(usersQuery)
 			.authoritiesByUsernameQuery(rolesQuery)
 			.dataSource(dataSource)
-			.passwordEncoder(bCryptPasswordEncoder);*/
+			.passwordEncoder(bCryptPasswordEncoder);
 		
-		/*auth.inMemoryAuthentication()
+		auth.inMemoryAuthentication()
 		.withUser("reader")
 		.password("reader")
 		.authorities("ROLE_READER")
@@ -119,14 +128,15 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 		.and()
 		.withUser("guest")
 		.password("guest")
-		.authorities("ROLE_GUEST");*/
+		.authorities("ROLE_GUEST");
 	}
 
-	/*@Override
+	@Override
 	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
 		auth.parentAuthenticationManager(authenticationManager);
-	}*/
+	}
 	
 
 
 }
+*/