Merge pull request #1 from anthonyraymond/laur89/master

- this is a merge from upstream back to PR #1
2024-09-20 07:16:26 +08:00 · 2022-11-02 11:07:11 +01:00 · 2022-11-02 11:07:11 +01:00 · ac2ae03f21
parent f197e60ee1 8360ae9f02
commit ac2ae03f21
3 changed files with 19 additions and 19 deletions
--- a/pom.xml
+++ b/pom.xml
@ -57,20 +57,12 @@
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <exclusions>
-                <!--<exclusion>
-                    <groupId>org.springframework.boot</groupId>
-                    <artifactId>spring-boot-starter-tomcat</artifactId>
-                </exclusion>-->
                <exclusion>
                    <groupId>org.hibernate.validator</groupId>
                    <artifactId>hibernate-validator</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
-        <!--<dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-undertow</artifactId>
-        </dependency>-->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-websocket</artifactId>
@ -119,17 +111,14 @@
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
-            <!--<version>${commons-lang3.version}</version> inherit version from parent -->
        </dependency>
        <dependency>
            <groupId>commons-codec</groupId>
            <artifactId>commons-codec</artifactId>
-            <!--<version>${commons-codec.version}</version> inherit version from parent -->
        </dependency>
        <dependency>
            <groupId>org.apache.httpcomponents</groupId>
            <artifactId>fluent-hc</artifactId>
-            <!--<version>${httpclient.version}</version> inherit version from parent -->
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
@ -151,13 +140,11 @@
        <dependency>
            <groupId>org.mockito</groupId>
            <artifactId>mockito-core</artifactId>
-            <!-- Version inherited from spring-boot-starter-test -->
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.assertj</groupId>
            <artifactId>assertj-core</artifactId>
-            <!--<version>${assertj.version}</version> inherit version from parent -->
            <scope>test</scope>
        </dependency>
    </dependencies>
@ -167,7 +154,6 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
-                <!--<version>${maven-compiler-plugin.version}</version> inherit version from parent -->
                <configuration>
                    <source>${java.version}</source>
                    <target>${java.version}</target>
--- a/src/main/java/org/araymond/joal/core/ttorrent/client/announcer/exceptions/TooMuchAnnouncesFailedInARawException.java
+++ b/src/main/java/org/araymond/joal/core/ttorrent/client/announcer/exceptions/TooMuchAnnouncesFailedInARawException.java
--- a/src/main/java/org/araymond/joal/web/config/security/WebSecurityConfig.java
+++ b/src/main/java/org/araymond/joal/web/config/security/WebSecurityConfig.java
@ -2,17 +2,23 @@ package org.araymond.joal.web.config.security;

 import org.araymond.joal.web.annotations.ConditionalOnWebUi;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.DefaultSecurityFilterChain;
+import org.springframework.security.web.SecurityFilterChain;

 /**
 * Created by raymo on 29/07/2017.
 */
@ConditionalOnWebUi
+@EnableWebSecurity
@Configuration
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+public class WebSecurityConfig {
    private final String pathPrefix;
    private final boolean shouldDisableFrameOptions;

@ -24,19 +30,27 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        this.shouldDisableFrameOptions = shouldDisableFrameOptions;
    }

-    @Override
-    protected void configure(final HttpSecurity http) throws Exception {
+    @Bean
+    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        if (this.shouldDisableFrameOptions) {
            http.headers().frameOptions().disable();
        }

-        http
+        return http
                .httpBasic().disable()
+                .formLogin().disable()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                .authorizeRequests()
                .antMatchers("/" + this.pathPrefix).permitAll()
                .antMatchers("/" + this.pathPrefix + "/ui/**").permitAll()
-                .anyRequest().denyAll();
+                .anyRequest().denyAll()
+                .and().build();
+    }
+
+    // Provide an empty UserDetailService to prevent spring from injecting a default one with a valid random password.
+    @Bean
+    public InMemoryUserDetailsManager userDetailsService() {
+        return new InMemoryUserDetailsManager();
    }

 }