From 71d57146ea2238334d31bf1068676b12f5d7e9f0 Mon Sep 17 00:00:00 2001
From: Mirco Nasuti <mirco.nasuti@chuv.ch>
Date: Tue, 19 Jul 2016 13:17:44 +0200
Subject: [PATCH] add option to disable the authentication for testing
---
captain.yml | 4 +-
config/application.tmpl | 3 ++
config/application.yml | 3 ++
docker-compose.yml | 1 +
.../configuration/SecurityConfiguration.java | 47 +++++++++++++------
tests.sh | 3 ++
6 files changed, 45 insertions(+), 16 deletions(-)
create mode 100644 tests.sh
diff --git a/captain.yml b/captain.yml
index f9c80a37e..d46d7b2ba 100644
--- a/captain.yml
+++ b/captain.yml
@@ -7,7 +7,7 @@ portal-backend-build:
- docker run --rm -v $(pwd):/opt/portal/ -v $(pwd)/.m2:/root/.m2/ hbpmip/portal-backend-build
- echo 'Finished building portal-backend-build'
test:
- - tests.sh
+ - ./tests.sh
portal-backend:
build: ./src/docker/run/Dockerfile
@@ -21,4 +21,4 @@ portal-backend:
- rm -rf $(pwd)/src/docker/run/config/
- echo 'Finished building portal-backend'
test:
- - tests.sh
\ No newline at end of file
+ - ./tests.sh
\ No newline at end of file
diff --git a/config/application.tmpl b/config/application.tmpl
index ef4b18fb4..815e1e429 100644
--- a/config/application.tmpl
+++ b/config/application.tmpl
@@ -48,3 +48,6 @@ workflow:
frontend:
redirect:
url: {{ .Env.FRONTEND_REDIRECT_URL }}
+
+authentication:
+ enabled: {{ .Env.AUTHENTICATION }}
diff --git a/config/application.yml b/config/application.yml
index 3b704d69a..de62b378f 100644
--- a/config/application.yml
+++ b/config/application.yml
@@ -48,3 +48,6 @@ workflow:
frontend:
redirect:
url: http://frontend/home
+
+authentication:
+ enabled: 0
diff --git a/docker-compose.yml b/docker-compose.yml
index 7cff16025..8ebb67e48 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -32,6 +32,7 @@ services:
ML_URL: http://172.22.0.1:8087/mining
EXAREME_URL: http://hbps2.chuv.ch:9090/mining/query
FRONTEND_REDIRECT_URL: http://frontend/home
+ AUTHENTICATION: 0
portal-db:
container_name: portal-db
diff --git a/src/main/java/org/hbp/mip/configuration/SecurityConfiguration.java b/src/main/java/org/hbp/mip/configuration/SecurityConfiguration.java
index 79b437fed..f8d78b38f 100644
--- a/src/main/java/org/hbp/mip/configuration/SecurityConfiguration.java
+++ b/src/main/java/org/hbp/mip/configuration/SecurityConfiguration.java
@@ -82,20 +82,32 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Value("#{'${frontend.redirect.url:http://frontend/home}'}")
String frontendRedirect;
+ @Value("#{'${authentication.enabled:1}'}")
+ boolean authentication;
+
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.addFilterBefore(new CORSFilter(), ChannelProcessingFilter.class);
- http.antMatcher("/**")
- .authorizeRequests()
- .antMatchers("/", "/frontend/**", "/webjars/**", "/v2/api-docs").permitAll()
- .anyRequest().authenticated()
- .and().exceptionHandling().authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint(loginUrl))
- .and().logout().logoutSuccessUrl(loginUrl).permitAll()
- .and().logout().logoutUrl(logoutUrl).permitAll()
- .and().csrf().ignoringAntMatchers(logoutUrl).csrfTokenRepository(csrfTokenRepository())
- .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
- .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
+
+ if(authentication) {
+ http.antMatcher("/**")
+ .authorizeRequests()
+ .antMatchers("/", "/frontend/**", "/webjars/**", "/v2/api-docs").permitAll()
+ .anyRequest().authenticated()
+ .and().exceptionHandling().authenticationEntryPoint(new CustomLoginUrlAuthenticationEntryPoint(loginUrl))
+ .and().logout().logoutSuccessUrl(loginUrl).permitAll()
+ .and().logout().logoutUrl(logoutUrl).permitAll()
+ .and().csrf().ignoringAntMatchers(logoutUrl).csrfTokenRepository(csrfTokenRepository())
+ .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
+ .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
+ }
+ else {
+ http.antMatcher("/**")
+ .authorizeRequests()
+ .antMatchers("/**").permitAll();
+ getUser();
+ }
}
private Filter ssoFilter() {
@@ -173,11 +185,18 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
* @return
*/
public synchronized User getUser() {
- User user = new User(getUserInfos());
- User foundUser = userRepository.findOne(user.getUsername());
- if(foundUser != null)
+ User user;
+ if(!authentication)
{
- user.setAgreeNDA(foundUser.getAgreeNDA());
+ user = new User();
+ user.setUsername("TestUser");
+ }
+ else {
+ user = new User(getUserInfos());
+ User foundUser = userRepository.findOne(user.getUsername());
+ if (foundUser != null) {
+ user.setAgreeNDA(foundUser.getAgreeNDA());
+ }
}
userRepository.save(user);
return user;
diff --git a/tests.sh b/tests.sh
new file mode 100644
index 000000000..e37f7cae4
--- /dev/null
+++ b/tests.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+exit 0;
\ No newline at end of file
--
GitLab