Skip to content

Commit

Permalink
[SHIBUI-808]
Browse files Browse the repository at this point in the history 
fix configuration ordering
  • Loading branch information
@jj
jj committed Oct 8, 2018
1 parent e4b8be4 commit 1d02676
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 1 deletion.
4 changes: 3 additions & 1 deletion ...ain/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package edu.internet2.tier.shibboleth.admin.ui.configuration.auto;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.AutoConfigureOrder;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.servlet.SpringBootWebSecurityConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
Expand All @@ -21,7 +23,7 @@
* Workaround for slashes in URL from [https://stackoverflow.com/questions/48453980/spring-5-0-3-requestrejectedexception-the-request-was-rejected-because-the-url]
*/
@Configuration
@AutoConfigureOrder(Integer.MAX_VALUE - 100)
@AutoConfigureBefore(SpringBootWebSecurityConfiguration.class)
@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
public class WebSecurityConfig {

Expand Down
12 changes: 12 additions & 0 deletions pac4j-module/src/main/java/net/unicon/shibui/pac4j/WebSecurity.java
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
package net.unicon.shibui.pac4j;

import edu.internet2.tier.shibboleth.admin.ui.configuration.auto.WebSecurityConfig;
import org.pac4j.core.config.Config;
import org.pac4j.springframework.security.web.CallbackFilter;
import org.pac4j.springframework.security.web.SecurityFilter;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
Expand All @@ -13,12 +15,22 @@
import org.springframework.security.web.firewall.StrictHttpFirewall;

@Configuration
@AutoConfigureBefore(WebSecurityConfig.class)
public class WebSecurity {
@Bean("webSecurityConfig")
public WebSecurityConfigurerAdapter webSecurityConfigurerAdapter(final Config config) {
return new Pac4jWebSecurityConfigurerAdapter(config);
}

@Configuration
@Order(0)
public static class FaviconSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/favicon.ico").permitAll();
}
}

@Order(1)
public static class Pac4jWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
private final Config config;
Expand Down

0 comments on commit 1d02676

Please sign in to comment.