-
Nicholas Blair authoredThis refactor was needed as the prior code did not fully support the 'combined' approach with both local-users and preauth. In the previous iteration, 2 WebSecurityConfigurerAdapters and as a result, 2 HttpSecurity instances would have been registered, only one having any affect (typically the preauth, but not guarantees). There is now only one WebSecurityConfigurerAdapter, whose sole purpose is to collect all HttpSecurityAmenders and execute their callback at the right time. Te existing WebSecurityConfiguration classes for both profiles have been retrofitted to produce HttpSecurityAmenders that perform the desired behavior. The test cases provided in the sample-war have been updated to provide 2 combined test paths: * 1 that has both profiles active, but demonstrates how fallback to HTTP Basic works, and * 1 that has both profiles active, and includes the simulation filter to produce a successful preauthentication.
Nicholas Blair authoredThis refactor was needed as the prior code did not fully support the 'combined' approach with both local-users and preauth. In the previous iteration, 2 WebSecurityConfigurerAdapters and as a result, 2 HttpSecurity instances would have been registered, only one having any affect (typically the preauth, but not guarantees). There is now only one WebSecurityConfigurerAdapter, whose sole purpose is to collect all HttpSecurityAmenders and execute their callback at the right time. Te existing WebSecurityConfiguration classes for both profiles have been retrofitted to produce HttpSecurityAmenders that perform the desired behavior. The test cases provided in the sample-war have been updated to provide 2 combined test paths: * 1 that has both profiles active, but demonstrates how fallback to HTTP Basic works, and * 1 that has both profiles active, and includes the simulation filter to produce a successful preauthentication.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
pom.xml 3.46 KiB
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security</artifactId>
<version>0.4.9-SNAPSHOT</version>
</parent>
<artifactId>uw-spring-security-sample-war</artifactId>
<name>UW Spring Security Sample War</name>
<description>Sample web application showing how to integrate UW Spring Security in your applications.</description>
<packaging>war</packaging>
<properties>
<activeProfiles>local-users</activeProfiles>
</properties>
<dependencies>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>edu.wisc.doit.adi</groupId>
<artifactId>preauth-simulation-filter</artifactId>
</dependency>
<dependency>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security-config</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>edu.wisc.uwss</groupId>
<artifactId>uw-spring-security-web</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<scope>runtime</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration> <failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<skip>false</skip>
<jvmArgs>-Xdebug
-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=7001
-Xnoagent -Dspring.profiles.active=${activeProfiles}</jvmArgs>
<systemProperties>
<systemProperty>
<name>spring.profiles.active</name>
<value>${activeProfiles}</value>
</systemProperty>
<systemProperty>
<name>log4j.configuration</name>
<value>log4j-developer.properties</value>
</systemProperty>
</systemProperties>
<webApp>
<extraClasspath>${basedir}/src/etc/resources</extraClasspath>
</webApp>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>preauth</id>
<properties>
<activeProfiles>preauth</activeProfiles>
</properties>
</profile>
<profile>
<id>combined</id>
<properties>
<activeProfiles>local-users,preauth</activeProfiles>
</properties>
</profile>
<profile>
<id>combined-simulate-netid</id>
<properties>
<activeProfiles>local-users,preauth,preauth-simulate-netid</activeProfiles>
</properties>
</profile>
</profiles>
</project>