Spring Security integration.

dlavoie · dlavoie · commit aac3321c7089 · 2014-07-29T23:21:48.000-04:00
diff --git a/redis-message-server/pom.xml b/redis-message-server/pom.xml
@@ -65,5 +65,13 @@
 			<groupId>com.cspinformatique.redis.message</groupId>
 			<artifactId>redis-message-core</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-config</artifactId>
+		</dependency>
 	</dependencies>
 </project>
diff --git a/redis-message-server/src/main/java/com/cspinformatique/redis/server/config/SecurityConfig.java b/redis-message-server/src/main/java/com/cspinformatique/redis/server/config/SecurityConfig.java
@@ -0,0 +1,35 @@
+package com.cspinformatique.redis.server.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@PropertySource("classpath:security/credentials.properties")
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+	@Autowired
+	private Environment env;
+
+	@Autowired
+	public void configureGlobal(AuthenticationManagerBuilder auth)
+			throws Exception {
+		auth.inMemoryAuthentication()
+				.withUser(env.getRequiredProperty("redis.notifier.user"))
+				.password(env.getRequiredProperty("redis.notifier.password"))
+				.roles("NOTIFIER");
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.authorizeRequests().antMatchers("/**")
+				.access("hasRole('ROLE_NOTIFIER')").and().httpBasic();
+		
+		http.csrf().disable();
+	}
+}
diff --git a/redis-message-server/src/main/java/com/cspinformatique/redis/server/security/SpringSecurityInitializer.java b/redis-message-server/src/main/java/com/cspinformatique/redis/server/security/SpringSecurityInitializer.java
@@ -0,0 +1,8 @@
+package com.cspinformatique.redis.server.security;
+
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
+
+public class SpringSecurityInitializer extends
+		AbstractSecurityWebApplicationInitializer {
+
+}
diff --git a/redis-message-server/src/main/resources/security/credentials.properties b/redis-message-server/src/main/resources/security/credentials.properties
@@ -0,0 +1,2 @@
+redis.notifier.user=notifier
+redis.notifier.password=3Sf8!29nZ

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+redis.notifier.user=notifier`
	`2`	`+redis.notifier.password=3Sf8!29nZ`