Example 1 with JWTAuthenticationFilter

Use of io.gravitee.management.security.filter.JWTAuthenticationFilter in project gravitee-management-rest-api by gravitee-io.

From the class BasicSecurityConfigurerAdapter, method configure.

@Override
protected void configure(HttpSecurity http) throws Exception {
    // Fail fast when no JWT secret is configured.
    final String jwtSecret = environment.getProperty("jwt.secret");
    if (jwtSecret == null || jwtSecret.isEmpty()) {
        throw new IllegalStateException("JWT secret is mandatory");
    }
    http
        .httpBasic().realmName("Gravitee.io Management API")
        .and()
        // Stateless: no HTTP session is created.
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        // Matchers are evaluated in declaration order; the first match wins.
        .authorizeRequests()
            .antMatchers(HttpMethod.OPTIONS, "**").permitAll()
            .antMatchers(HttpMethod.POST, "/user/login").permitAll()
            .antMatchers(HttpMethod.GET, "/user/").permitAll()
            .antMatchers(HttpMethod.GET, "/user/**").authenticated()
            .antMatchers(HttpMethod.POST, "/auth/**").permitAll()
            .antMatchers(HttpMethod.GET, "/apis/hooks").authenticated()
            .antMatchers(HttpMethod.GET, "/apis/**").permitAll()
            .antMatchers(HttpMethod.POST, "/apis").authenticated()
            .antMatchers(HttpMethod.POST, "/apis/**").authenticated()
            .antMatchers(HttpMethod.PUT, "/apis/**").authenticated()
            .antMatchers(HttpMethod.DELETE, "/apis/**").authenticated()
            .antMatchers(HttpMethod.POST, "/applications").authenticated()
            .antMatchers(HttpMethod.POST, "/applications/**").authenticated()
            .antMatchers(HttpMethod.PUT, "/applications/**").authenticated()
            .antMatchers(HttpMethod.DELETE, "/applications/**").authenticated()
            .antMatchers(HttpMethod.GET, "/subscriptions/**").authenticated()
            .antMatchers(HttpMethod.GET, "/instances/**").authenticated()
            .antMatchers(HttpMethod.GET, "/platform/**").authenticated()
            .antMatchers(HttpMethod.POST, "/users").permitAll()
            .antMatchers(HttpMethod.POST, "/users/register").permitAll()
            .antMatchers(HttpMethod.GET, "/users").authenticated()
            .antMatchers(HttpMethod.GET, "/users/**").authenticated()
            .antMatchers(HttpMethod.PUT, "/users/**").authenticated()
            .antMatchers(HttpMethod.DELETE, "/users/**").authenticated()
            .antMatchers(HttpMethod.GET, "/swagger.json").permitAll()
            .antMatchers(HttpMethod.GET, "/configuration/groups/**").permitAll()
            .antMatchers(HttpMethod.GET, "/configuration/views/**").permitAll()
            .antMatchers(HttpMethod.GET, "/configuration/tags/**").permitAll()
            .antMatchers(HttpMethod.GET, "/configuration/tenants/**").permitAll()
            .antMatchers("/configuration/**").authenticated()
            .antMatchers(HttpMethod.GET, "/portal/**").permitAll()
            .antMatchers(HttpMethod.POST, "/portal/**").authenticated()
            .antMatchers(HttpMethod.PUT, "/portal/**").authenticated()
            .antMatchers(HttpMethod.DELETE, "/portal/**").authenticated()
            .antMatchers(HttpMethod.GET, "/search/users").authenticated()
            // Catch-all: anything not matched above requires authentication.
            .anyRequest().authenticated()
        .and()
        .csrf().disable()
        .cors()
        .and()
        // The JWT filter is placed before HTTP Basic authentication in the filter chain.
        .addFilterBefore(
            new JWTAuthenticationFilter(jwtCookieGenerator, jwtSecret),
            BasicAuthenticationFilter.class)
        // The success filter is placed after HTTP Basic authentication.
        .addFilterAfter(
            new AuthenticationSuccessFilter(
                jwtCookieGenerator,
                jwtSecret,
                environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER),
                environment.getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER),
                membershipService),
            BasicAuthenticationFilter.class);
}

Also used: AuthenticationSuccessFilter (io.gravitee.management.security.filter.AuthenticationSuccessFilter), BasicAuthenticationFilter (org.springframework.security.web.authentication.www.BasicAuthenticationFilter), JWTAuthenticationFilter (io.gravitee.management.security.filter.JWTAuthenticationFilter)
