[SHIBUI-1058]

Removed test user from DevConfig. Removed completed todo. =] Added configuration class that enables method-level security.
TIER · Jan 28, 2019 · e9b7f80 · e9b7f80
1 parent 50b30e6
commit e9b7f80
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 9 deletions.
diff --git a/...end/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/...end/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy
@@ -79,14 +79,6 @@ class DevConfig {
                 emailAddress = 'anon@institution.edu'
                 roles.add(roleRepository.findByName('ROLE_ADMIN').get())
                 it
-            }, new User().with { // allow some shady fella
-                username = 'scalding@scaldingspoon.com'
-                password = '{noop}anonymous'
-                firstName = 'Jj!'
-                lastName = 'Jj!'
-                emailAddress = 'scalding@scaldingspoon.com'
-                roles.add(roleRepository.findByName('ROLE_ADMIN').get())
-                it
             }]
             users.each {
                 adminUserRepository.save(it)

diff --git a/...a/edu/internet2/tier/shibboleth/admin/ui/configuration/EndpointSecurityConfiguration.java b/...a/edu/internet2/tier/shibboleth/admin/ui/configuration/EndpointSecurityConfiguration.java
@@ -0,0 +1,16 @@
+package edu.internet2.tier.shibboleth.admin.ui.configuration;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+
+/**
+ * @author Bill Smith (wsmith@unicon.net)
+ */
+@Configuration
+@EnableGlobalMethodSecurity(
+        prePostEnabled = true,
+        securedEnabled = true,
+        jsr250Enabled = true)
+public class EndpointSecurityConfiguration extends GlobalMethodSecurityConfiguration {
+}
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
@@ -36,7 +36,6 @@ public Config config(final Pac4jConfigurationProperties pac4jConfigurationProper
         saml2Client.setName("Saml2Client");
         saml2Client.addAuthorizationGenerator(saml2ModelAuthorizationGenerator);
 
-        //TODO: pray
         SAML2Authenticator saml2Authenticator = new SAML2Authenticator(saml2ClientConfiguration.getAttributeAsId(), saml2ClientConfiguration.getMappedAttributes());
         saml2Authenticator.setProfileDefinition(new CommonProfileDefinition<>(p -> new BetterSAML2Profile(pac4jConfigurationProperties.getSaml2ProfileMapping().getUsername())));
         saml2Client.setAuthenticator(saml2Authenticator);