diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 898e0eaf2f744e9921d74193b7ef1973923c3c56..a6d38e74b8452ca7c78195b3aa34bbd0b128cc83 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -10,8 +10,8 @@ workflow:
- when: always
variables:
- MAVEN_OPTS: "-Xmx500m -XX:GCLockerRetryAllocationCount=100 -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN"
- MAVEN_CLI_OPTS: "--batch-mode -DinstallAtEnd=true -DdeployAtEnd=true -DskipDeployBigArtefact=true -s $CI_PROJECT_DIR/ci_settings.xml"
+ MAVEN_OPTS: "-Xmx500m -XX:+UseSerialGC -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN"
+ MAVEN_CLI_OPTS: "--batch-mode -DskipDeployBigArtefact=true -s $CI_PROJECT_DIR/ci_settings.xml"
stages:
- build
@@ -30,6 +30,8 @@ maven-build:
rules:
- if: $OPERATION != null
when: never
+ - if: $CI_COMMIT_TAG != null
+ when: never
- if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH
variables:
MAVEN_GOAL: "install"
@@ -42,19 +44,25 @@ maven-build:
image: registry.opencode.de/diplanung/ozgxplanung/mvn-build-image:latest
script:
- mvn package -Dxplan-tests.maven.deploy.skip=true -Pdocker,skipAll -pl $mvnProjects -am
+ - ci/readEnvPropsForKanikoBuilds.sh > build.env
- find . -name docker-build.tar | xargs gzip
- set -o pipefail; find . -name docker-build.tar.gz | grep . | xargs du -h
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
+ - if: $CI_COMMIT_TAG != null
+ when: on_success
- if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH
when: never
- when: on_success
artifacts:
expire_in: 1 hour
+ reports:
+ dotenv: build.env
variables:
UPSTREAM_REF: $CI_COMMIT_REF_NAME
+
maven-prepare-docker-contexts-apis-and-inspire-plu:
extends: .maven-prepare-docker-contexts
variables:
@@ -96,25 +104,15 @@ maven-prepare-docker-contexts-others:
include: ci/all-kaniko-builds.gitlab-ci.yml
-maven-release:
+maven-deploy-release:
image: registry.opencode.de/diplanung/ozgxplanung/mvn-build-image:latest
stage: build:jvm
rules:
- - if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH
- when: never
- if: $OPERATION != null
when: never
- - if: $CI_COMMIT_TAG
- before_script:
- - mkdir -p ~/.ssh/
- - cp $DEPLOY_PRIVATE_KEY ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
- - cp $KNOWN_HOSTS ~/.ssh/known_hosts
- - apt-get update && apt-get install -y git
- - git config --global user.email "noreply@gitlab.opencode.de"
- - git config --global user.name "xplanung GitLab CI"
- - git checkout -B "$CI_COMMIT_REF_NAME"
+ - if: $CI_COMMIT_TAG != null
script:
- - mvn release:prepare release:perform $MAVEN_CLI_OPTS -DscmReleaseCommitComment="release @{releaseLabel}" -DtagNameFormat="v@{project.version}"
+ - mvn $MAVEN_CLI_OPTS deploy -PskipAll -Dxplan-tests.maven.deploy.skip=true
gitlab-release:
stage: deploy
@@ -122,9 +120,9 @@ gitlab-release:
rules:
- if: $OPERATION != null
when: never
- - if: $CI_COMMIT_TAG
+ - if: $CI_COMMIT_TAG != null
script:
- - echo "Running the release job for $CI_COMMIT_TAG"
+ - echo "Running job gitlab-release for $CI_COMMIT_TAG"
release:
tag_name: $CI_COMMIT_TAG
name: 'Release $CI_COMMIT_TAG'
diff --git a/ci/all-kaniko-builds.gitlab-ci.yml b/ci/all-kaniko-builds.gitlab-ci.yml
index 959dd308c367fae55177ae6214c287b2d037bcc4..0a6c703acb2182e446fdd659f5f614dc00970e15 100644
--- a/ci/all-kaniko-builds.gitlab-ci.yml
+++ b/ci/all-kaniko-builds.gitlab-ci.yml
@@ -5,15 +5,17 @@
name: gcr.io/kaniko-project/executor:v1.9.0-debug
entrypoint: [""]
script:
- - /kaniko/executor --context=tar://${CI_PROJECT_DIR}/$tarGzFile --destination=$destination:$dockerTag
+ - /kaniko/executor --context=tar://${CI_PROJECT_DIR}/$tarGzFile --destination=$destination:$xplanboxVersion
--build-arg="BUILD_DATE='$(date --utc +'%Y-%m-%d %H:%M:%SZ')'"
--build-arg="DOCKER_IMAGE_NAME=$dockerImageName"
--build-arg="GIT_REVISION=${CI_COMMIT_SHA}"
--build-arg="XPLANBOX_IMAGE_NAME_PREFIX=${CI_REGISTRY_IMAGE}/xplanbox"
- --build-arg="XPLANBOX_VERSION=${dockerTag}"
+ --build-arg="XPLANBOX_VERSION=${xplanboxVersion}"
rules:
- if: $CI_PIPELINE_SOURCE == 'schedule'
when: never
+ - if: $CI_COMMIT_TAG != null
+ when: on_success
- if: $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH
when: never
- when: on_success
@@ -30,6 +32,7 @@ kaniko:xplan-cli-docker:
tarGzFile: xplan-cli/xplan-cli-docker/target/docker/xplanbox/xplan-cli/tmp/docker-build.tar.gz
needs:
- maven-prepare-docker-contexts-cli
+ - kaniko:xplan-docker-volume-init
kaniko:xplan-db-updater:
extends: .kaniko:build
diff --git a/ci/readEnvPropsForKanikoBuilds.sh b/ci/readEnvPropsForKanikoBuilds.sh
new file mode 100755
index 0000000000000000000000000000000000000000..cb003d077cb032e6367d889b898779c0b0882c47
--- /dev/null
+++ b/ci/readEnvPropsForKanikoBuilds.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+# to be run in a folder with pom.xml
+
+xplanboxVersion=$(mvn -N help:evaluate -Dexpression=project.version -q -DforceStdout)
+
+echo -n "xplanboxVersion=$([[ $xplanboxVersion == *SNAPSHOT ]] && echo 'latest' || echo $xplanboxVersion)
+"
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 96eb0f1ed2930f4a9297538c36733ddff5bb938f..d2c2d380f8e24d99c3aee47a9b440365cb0d2282 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,6 +60,7 @@
<module>xplan-core</module>
<module>xplan-documentation</module>
<module>xplan-resources</module>
+ <module>xplan-security</module>
<module>xplan-tests</module>
<module>xplan-webapps</module>
<module>xplan-webservices</module>
@@ -1366,6 +1367,16 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ <version>${spring-boot.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>${spring-boot.version}</version>
+ </dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
diff --git a/xplan-api/pom.xml b/xplan-api/pom.xml
index c32f764c83e52e80f57122271a0e59518ec0198c..b900feb70a5039e2227ccac2aeaaecc677dfc9c4 100644
--- a/xplan-api/pom.xml
+++ b/xplan-api/pom.xml
@@ -43,14 +43,14 @@
<resource>
<directory>src/main/webapp</directory>
<includes>
- <include>version.txt</include>
+ <include>**/version.txt</include>
</includes>
<filtering>true</filtering>
</resource>
<resource>
<directory>src/main/webapp</directory>
<excludes>
- <exclude>version.txt</exclude>
+ <exclude>**/version.txt</exclude>
</excludes>
<filtering>false</filtering>
</resource>
diff --git a/xplan-api/xplan-api-dokumente/src/main/webapp/version.txt b/xplan-api/xplan-api-dokumente/src/main/webapp/xdokumente/version.txt
similarity index 100%
rename from xplan-api/xplan-api-dokumente/src/main/webapp/version.txt
rename to xplan-api/xplan-api-dokumente/src/main/webapp/xdokumente/version.txt
diff --git a/xplan-api/xplan-api-manager/pom.xml b/xplan-api/xplan-api-manager/pom.xml
index c6d801e5ac4861ea4b7fe217a00a4f697c1cbd13..5c5f1c025eabed7edb8af7d58e165176142c66c4 100644
--- a/xplan-api/xplan-api-manager/pom.xml
+++ b/xplan-api/xplan-api-manager/pom.xml
@@ -78,6 +78,11 @@
<groupId>de.latlon.product.xplanbox</groupId>
<artifactId>xplan-api-commons</artifactId>
</dependency>
+ <dependency>
+ <groupId>de.latlon.product.xplanbox</groupId>
+ <artifactId>xplan-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
<!-- deegree -->
<dependency>
<groupId>de.latlon</groupId>
diff --git a/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java b/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
index 922a9b5ae79159d9d4db64adf30c283e2032824c..ec44d236a2b7c6d85f59f0fef13733f6594ab511 100644
--- a/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
+++ b/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/SpringBootApp.java
@@ -5,11 +5,13 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.liquibase.LiquibaseAutoConfiguration;
import org.springframework.boot.autoconfigure.quartz.QuartzAutoConfiguration;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
@SpringBootApplication
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.manager.config" })
-@EnableAutoConfiguration(exclude = { QuartzAutoConfiguration.class, LiquibaseAutoConfiguration.class })
+@EnableAutoConfiguration(
+ exclude = { QuartzAutoConfiguration.class, LiquibaseAutoConfiguration.class, SecurityAutoConfiguration.class })
public class SpringBootApp {
public static void main(String[] args) {
diff --git a/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java b/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
index ff89e7d0a42b2bfa48b983c8a7b69666ca261d15..8f6cf17a75892d73e84782d601b24117e6d998a5 100644
--- a/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
+++ b/xplan-api/xplan-api-manager/src/main/java/de/latlon/xplanbox/api/manager/config/ApplicationContext.java
@@ -81,6 +81,7 @@ import de.latlon.xplan.validator.semantic.xquery.XQuerySemanticValidator;
import de.latlon.xplan.validator.syntactic.SyntacticValidator;
import de.latlon.xplan.validator.syntactic.SyntacticValidatorImpl;
import de.latlon.xplanbox.api.commons.handler.SystemConfigHandler;
+import de.latlon.xplanbox.security.config.SecurityContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.ApplicationEventPublisher;
@@ -108,7 +109,7 @@ import static de.latlon.xplan.manager.workspace.WorkspaceUtils.DEFAULT_XPLANSYN_
*/
@Configuration
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.manager.handler" })
-@Import({ JpaContext.class, RasterStorageContext.class, AmazonS3RasterStorageContext.class,
+@Import({ SecurityContext.class, JpaContext.class, RasterStorageContext.class, AmazonS3RasterStorageContext.class,
DocumentStorageContext.class, StorageCleanUpContext.class })
public class ApplicationContext {
diff --git a/xplan-api/xplan-api-manager/src/main/webapp/version.txt b/xplan-api/xplan-api-manager/src/main/webapp/xmanager/version.txt
similarity index 100%
rename from xplan-api/xplan-api-manager/src/main/webapp/version.txt
rename to xplan-api/xplan-api-manager/src/main/webapp/xmanager/version.txt
diff --git a/xplan-api/xplan-api-validator/pom.xml b/xplan-api/xplan-api-validator/pom.xml
index 74b3e5c315537d5c1e6106c85770778923cf0dee..3a2dc2c74673d15d1baf118c4aaa8357cb7c1fee 100755
--- a/xplan-api/xplan-api-validator/pom.xml
+++ b/xplan-api/xplan-api-validator/pom.xml
@@ -133,6 +133,11 @@
<groupId>de.latlon.product.xplanbox</groupId>
<artifactId>xplan-api-commons</artifactId>
</dependency>
+ <dependency>
+ <groupId>de.latlon.product.xplanbox</groupId>
+ <artifactId>xplan-security</artifactId>
+ <version>${project.version}</version>
+ </dependency>
<!-- XPlanung -->
<dependency>
<groupId>de.xleitstelle.xplanung</groupId>
diff --git a/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java b/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
index 7bb58b188a46c20adc877451e0666e444036fabb..1d7d89b60e5edda95aee44793fafce902a838807 100644
--- a/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
+++ b/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/SpringBootApp.java
@@ -1,11 +1,14 @@
package de.latlon.xplanbox.api.validator;
import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
@SpringBootApplication
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.validator.config" })
+@EnableAutoConfiguration(exclude = { SecurityAutoConfiguration.class })
public class SpringBootApp {
public static void main(String[] args) {
diff --git a/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java b/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
index fc4c339c3ca6054578d24b54441598896322275d..cfb8b7a10b2a3f01ecc83ecaf834a3101e9a3d64 100644
--- a/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
+++ b/xplan-api/xplan-api-validator/src/main/java/de/latlon/xplanbox/api/validator/config/ApplicationContext.java
@@ -20,22 +20,6 @@
*/
package de.latlon.xplanbox.api.validator.config;
-import static java.nio.file.Files.createTempDirectory;
-
-import java.io.IOException;
-import java.nio.file.Path;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.core.io.ResourceLoader;
-
import de.latlon.xplan.commons.configuration.PropertiesLoader;
import de.latlon.xplan.commons.configuration.SystemPropertyPropertiesLoader;
import de.latlon.xplan.manager.web.shared.ConfigurationException;
@@ -57,13 +41,29 @@ import de.latlon.xplan.validator.syntactic.SyntacticValidator;
import de.latlon.xplan.validator.syntactic.SyntacticValidatorImpl;
import de.latlon.xplan.validator.wms.config.ValidatorWmsContext;
import de.latlon.xplanbox.api.commons.handler.SystemConfigHandler;
+import de.latlon.xplanbox.security.config.SecurityContext;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.core.io.ResourceLoader;
+
+import java.io.IOException;
+import java.nio.file.Path;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import static java.nio.file.Files.createTempDirectory;
/**
* @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
*/
@Configuration
@ComponentScan(basePackages = { "de.latlon.xplanbox.api.validator.handler", "de.latlon.xplanbox.api.validator.v1" })
-@Import(ValidatorWmsContext.class)
+@Import({ SecurityContext.class, ValidatorWmsContext.class })
public class ApplicationContext {
@Autowired
diff --git a/xplan-api/xplan-api-validator/src/main/webapp/version.txt b/xplan-api/xplan-api-validator/src/main/webapp/xvalidator/version.txt
similarity index 100%
rename from xplan-api/xplan-api-validator/src/main/webapp/version.txt
rename to xplan-api/xplan-api-validator/src/main/webapp/xvalidator/version.txt
diff --git a/xplan-security/pom.xml b/xplan-security/pom.xml
new file mode 100644
index 0000000000000000000000000000000000000000..7b928556b436f59b4851d0c59c71d7a91f60fd37
--- /dev/null
+++ b/xplan-security/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>xplan-security</artifactId>
+
+ <parent>
+ <groupId>de.latlon.product.xplanbox</groupId>
+ <artifactId>xplanbox</artifactId>
+ <version>7.1-SNAPSHOT</version>
+ </parent>
+
+ <dependencies>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ </dependency>
+ <!-- logging -->
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ <!-- test -->
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+</project>
diff --git a/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/PropertiesFileUserDetailsManager.java b/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/PropertiesFileUserDetailsManager.java
new file mode 100644
index 0000000000000000000000000000000000000000..7721fac23399fc423cb17bcbaf44b3557512bf66
--- /dev/null
+++ b/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/PropertiesFileUserDetailsManager.java
@@ -0,0 +1,79 @@
+package de.latlon.xplanbox.security.authentication;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.UserDetailsManager;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.util.Map;
+import java.util.Properties;
+import java.util.stream.Collectors;
+
+/**
+ * {@link UserDetailsManager} managing user details from properties file
+ *
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ * @since 7.1
+ */
+public class PropertiesFileUserDetailsManager implements UserDetailsManager {
+
+ private static final Logger LOG = LoggerFactory.getLogger(PropertiesFileUserDetailsManager.class);
+
+ private final Map<String, String> usersAndEncryptedPasswords;
+
+ public PropertiesFileUserDetailsManager(String userPropertiesFile, PasswordEncoder passwordEncoder)
+ throws SecurityConfigurationException {
+ try (FileInputStream inputStream = new FileInputStream(userPropertiesFile)) {
+ Properties users = new Properties();
+ users.load(inputStream);
+ this.usersAndEncryptedPasswords = users.entrySet()
+ .stream()
+ .collect(Collectors.toMap(entry -> (String) entry.getKey(),
+ entry -> passwordEncoder.encode((String) entry.getValue())));
+ }
+ catch (IOException e) {
+ LOG.error("Properties file with users could not be read. ", e);
+ throw new SecurityConfigurationException(e);
+ }
+ }
+
+ @Override
+ public void createUser(UserDetails user) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public void updateUser(UserDetails user) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public void deleteUser(String username) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public void changePassword(String oldPassword, String newPassword) {
+ throw new UnsupportedOperationException();
+ }
+
+ @Override
+ public boolean userExists(String username) {
+ return usersAndEncryptedPasswords.containsKey(username);
+ }
+
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ if (!userExists(username)) {
+ throw new UsernameNotFoundException(username);
+ }
+ String password = this.usersAndEncryptedPasswords.get(username);
+ return User.withUsername(username).password(password).roles("USER_ROLE").build();
+ }
+
+}
diff --git a/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/SecurityConfigurationException.java b/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/SecurityConfigurationException.java
new file mode 100644
index 0000000000000000000000000000000000000000..b7b9da4d2bdae0711729905f024a1dfae7c134ec
--- /dev/null
+++ b/xplan-security/src/main/java/de/latlon/xplanbox/security/authentication/SecurityConfigurationException.java
@@ -0,0 +1,15 @@
+package de.latlon.xplanbox.security.authentication;
+
+/**
+ * Indicates a misconfiguration in the security module.
+ *
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ * @since 7.1
+ */
+public class SecurityConfigurationException extends Exception {
+
+ public SecurityConfigurationException(Throwable e) {
+ super(e);
+ }
+
+}
diff --git a/xplan-security/src/main/java/de/latlon/xplanbox/security/config/SecurityContext.java b/xplan-security/src/main/java/de/latlon/xplanbox/security/config/SecurityContext.java
new file mode 100644
index 0000000000000000000000000000000000000000..1bebe7c5513d2729cfa1b98b4297a3734627af09
--- /dev/null
+++ b/xplan-security/src/main/java/de/latlon/xplanbox/security/config/SecurityContext.java
@@ -0,0 +1,49 @@
+package de.latlon.xplanbox.security.config;
+
+import de.latlon.xplanbox.security.authentication.PropertiesFileUserDetailsManager;
+import de.latlon.xplanbox.security.authentication.SecurityConfigurationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ * @since 7.1
+ */
+@EnableWebSecurity
+@Configuration
+@Profile("enableSecurity")
+@ComponentScan(basePackages = { "de.latlon.xplanbox.security" })
+public class SecurityContext {
+
+ private static final Logger LOG = LoggerFactory.getLogger(SecurityContext.class);
+
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+ LOG.info("Configure security.");
+ http.csrf((csrf) -> csrf.disable()).authorizeRequests().anyRequest().authenticated().and().httpBasic();
+ return http.build();
+ }
+
+ @Bean
+ public PropertiesFileUserDetailsManager userDetailsService(
+ @Value("#{environment.XPLAN_SECURITY_USER_PROPERTIES_FILE}") String userPropertiesFile,
+ PasswordEncoder passwordEncoder) throws SecurityConfigurationException {
+ return new PropertiesFileUserDetailsManager(userPropertiesFile, passwordEncoder);
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return new BCryptPasswordEncoder();
+ }
+
+}
\ No newline at end of file
diff --git a/xplan-security/src/test/java/de/latlon/xplanbox/security/config/SecurityContextTest.java b/xplan-security/src/test/java/de/latlon/xplanbox/security/config/SecurityContextTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..4705d2f1e2940594d14c3a62163ed1a251e46d46
--- /dev/null
+++ b/xplan-security/src/test/java/de/latlon/xplanbox/security/config/SecurityContextTest.java
@@ -0,0 +1,19 @@
+package de.latlon.xplanbox.security.config;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ContextConfiguration;
+
+/**
+ * @author <a href="mailto:goltz@lat-lon.de">Lyn Goltz </a>
+ */
+@SpringBootTest
+@ContextConfiguration(classes = SecurityContext.class)
+public class SecurityContextTest {
+
+ @Test
+ public void contextLoad() {
+
+ }
+
+}
diff --git a/xplan-tests/xplan-tests-soapui/pom.xml b/xplan-tests/xplan-tests-soapui/pom.xml
index cb2cb464956f5ab467c78e02021f294257fc5fcd..081c6d3f09240f3f2d80430757ea54bfa614244f 100644
--- a/xplan-tests/xplan-tests-soapui/pom.xml
+++ b/xplan-tests/xplan-tests-soapui/pom.xml
@@ -90,6 +90,7 @@
<settingsFile>${basedir}/src/main/resources/soapui-settings.xml</settingsFile>
<outputFolder>${project.build.directory}/soapui</outputFolder>
<junitReport>true</junitReport>
+ <exportAll>true</exportAll>
<testFailIgnore>true</testFailIgnore>
<endpoint>${endpoint}</endpoint>
<username>${username}</username>
diff --git a/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh b/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
index c199bb8c10ca63dd3f5ec8847f3df61b389b0f83..0caa5c19c3557774d1c5e331c2f6eb0c16d30e3a 100755
--- a/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
+++ b/xplan-tests/xplan-tests-soapui/runAllSoapUiTests.sh
@@ -48,7 +48,7 @@ echo "Transforming to PDF $REPORT_PATH_PDF..."
sed -i 's/display:none;//' target/site/surefire-report.html
weasyprint file://$PWD/target/site/surefire-report.html $REPORT_PATH_PDF
REPORT_PATH_TAR=target/test-report.tar.gz
-tar cfz $REPORT_PATH_TAR -C target/site .
+tar cfz $REPORT_PATH_TAR -C target site soapui
if [ "$XPLAN_UPLOAD_TEST_REPORT" = "true" ];
then