org.schedoscope.metascope.config.ProductionSpringConfiguration.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.schedoscope.metascope.config.ProductionSpringConfiguration.java

Introduction

Here is the source code for org.schedoscope.metascope.config.ProductionSpringConfiguration.java

Source

/**
 * Copyright 2017 Otto (GmbH & Co KG)
 * <p>
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * <p>
 * http://www.apache.org/licenses/LICENSE-2.0
 * <p>
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.schedoscope.metascope.config;

import com.typesafe.config.ConfigFactory;
import org.apache.commons.lang.ArrayUtils;
import org.schedoscope.conf.BaseSettings;
import org.schedoscope.metascope.index.SolrFacade;
import org.schedoscope.metascope.service.MetascopeUserService;
import org.schedoscope.metascope.task.MetascopeTask;
import org.schedoscope.metascope.task.metastore.MetastoreClient;
import org.schedoscope.metascope.task.metastore.MetastoreJdbcClient;
import org.schedoscope.metascope.task.metastore.MetastoreTask;
import org.schedoscope.metascope.task.SchedoscopeTask;
import org.schedoscope.metascope.task.StatusTask;
import org.schedoscope.metascope.task.metastore.MetastoreThriftClient;
import org.schedoscope.metascope.util.TaskMutex;
import org.schedoscope.metascope.util.ValidationQueryUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.scheduling.annotation.EnableAsync;
import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.session.HttpSessionEventPublisher;
import org.springframework.transaction.annotation.Transactional;

import javax.sql.DataSource;

/**
 * Configuration to secure the application (login)
 */
@Configuration
@ComponentScan
@EnableAsync
@EnableScheduling
@Profile("production")
public class ProductionSpringConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private MetascopeUserService metascopeUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        MetascopeConfig config = metascopeConfig();
        if (config.getAuthenticationMethod().equalsIgnoreCase("ldap")) {
            String[] allgroups = appendRolePrefix(config.getAllowedGroups(), config.getAdminGroups());
            String[] adminGroups = appendRolePrefix(config.getAdminGroups());
            http.authorizeRequests().antMatchers("/", "/?error=cred", "/status/*", "/model", "/expired").permitAll()
                    .antMatchers("/admin**").hasAnyAuthority(adminGroups).antMatchers("/admin/")
                    .hasAnyAuthority(adminGroups).antMatchers("/admin/**").hasAnyAuthority(adminGroups)
                    .antMatchers("/**").hasAnyAuthority(allgroups).anyRequest().authenticated().and().formLogin()
                    .loginPage("/").failureUrl("/?error=cred").defaultSuccessUrl("/home").and().logout()
                    .logoutSuccessUrl("/").and().rememberMe().and().exceptionHandling()
                    .accessDeniedPage("/accessdenied");
        } else {
            http.authorizeRequests().antMatchers("/", "/?error=cred", "/status/*", "/expired").permitAll()
                    .antMatchers("/admin**").hasAuthority("ROLE_ADMIN").antMatchers("/admin/")
                    .hasAuthority("ROLE_ADMIN").antMatchers("/admin/**").hasAuthority("ROLE_ADMIN").anyRequest()
                    .authenticated().and().formLogin().loginPage("/").failureUrl("/?error=cred").and().logout()
                    .logoutSuccessUrl("/").and().rememberMe().and().exceptionHandling()
                    .accessDeniedPage("/accessdenied");
        }
        http.sessionManagement().maximumSessions(1).expiredUrl("/expired").sessionRegistry(sessionRegistry());
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        MetascopeConfig config = metascopeConfig();
        if (config.getAuthenticationMethod().equalsIgnoreCase("ldap")) {
            auth.ldapAuthentication().userDnPatterns(config.getUserDnPattern())
                    .groupSearchBase(config.getGroupSearchBase()).contextSource(ldapContextSource());
        } else {
            auth.jdbcAuthentication().passwordEncoder(new ShaPasswordEncoder(256)).dataSource(dataSource())
                    .usersByUsernameQuery(
                            "select username,password_hash,'true' from metascope_user where username = ?")
                    .authoritiesByUsernameQuery("select username,userrole from metascope_user where username = ?");

            metascopeUserService.createAdminAccount();
        }

    }

    @Bean
    public LdapContextSource ldapContextSource() {
        MetascopeConfig config = metascopeConfig();
        LdapContextSource contextSource = new LdapContextSource();
        contextSource.setUrl(config.getLdapUrl());
        contextSource.setUserDn(config.getManagerDn());
        contextSource.setPassword(config.getManagerPassword());
        return contextSource;
    }

    @Bean
    public LdapTemplate ldapTemplate() {
        return new LdapTemplate(ldapContextSource());
    }

    @Bean
    public SessionRegistry sessionRegistry() {
        return new SessionRegistryImpl();
    }

    @Bean
    public ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() {
        return new ServletListenerRegistrationBean<HttpSessionEventPublisher>(new HttpSessionEventPublisher());
    }

    @Bean
    public MetascopeConfig metascopeConfig() {
        return new MetascopeConfig(new BaseSettings(ConfigFactory.load()));
    }

    @Bean
    public DataSource dataSource() {
        MetascopeConfig metascopeConfig = metascopeConfig();
        DataSource dataSource = DataSourceBuilder.create().username(metascopeConfig.getRepositoryUser())
                .password(metascopeConfig.getRepositoryPassword()).url(metascopeConfig.getRepositoryUrl()).build();

        if (dataSource instanceof org.apache.tomcat.jdbc.pool.DataSource) {
            org.apache.tomcat.jdbc.pool.DataSource tomcatDataSource = (org.apache.tomcat.jdbc.pool.DataSource) dataSource;
            tomcatDataSource.setTestOnBorrow(true);
            tomcatDataSource.setMaxIdle(10);
            tomcatDataSource.setMinIdle(1);
            tomcatDataSource.setTestWhileIdle(true);
            String validationQuery = ValidationQueryUtil.getValidationQuery(tomcatDataSource.getDriverClassName());
            tomcatDataSource.setValidationQuery(validationQuery);
        }

        return dataSource;
    }

    @Bean
    public SolrFacade solrFacade() {
        MetascopeConfig config = metascopeConfig();
        return new SolrFacade(config.getSolrUrl());
    }

    @Bean
    public TaskMutex taskMutex() {
        return new TaskMutex();
    }

    @Bean
    public MetascopeTask metascopeTask() {
        return new MetascopeTask();
    }

    @Bean
    public SchedoscopeTask syncTask() {
        return new SchedoscopeTask();
    }

    @Bean
    public MetastoreTask metastoreTask() {
        MetastoreClient metastoreClient = null;
        MetascopeConfig config = metascopeConfig();
        if (config.getMetastoreAccessMethod().equals("thrift")) {
            metastoreClient = new MetastoreThriftClient(config);
        } else if (config.getMetastoreAccessMethod().equals("jdbc")) {
            metastoreClient = new MetastoreJdbcClient(config);
        }
        return new MetastoreTask(metastoreClient);
    }

    @Bean
    public StatusTask statusTask() {
        return new StatusTask();
    }

    @Scheduled(initialDelay = 1000, fixedRate = 14400000)
    @Transactional
    public void runMetascopeTask() {
        metascopeTask().run();
    }

    @Scheduled(initialDelay = 1000, fixedRate = 60000)
    @Transactional
    public void runStatusTask() {
        statusTask().run(null, System.currentTimeMillis());
    }

    private String[] appendRolePrefix(String groups) {
        String[] groupsArray = groups.split(",");
        for (int i = 0; i < groupsArray.length; i++) {
            groupsArray[i] = "ROLE_" + groupsArray[i].toUpperCase();
        }
        return groupsArray;
    }

    private String[] appendRolePrefix(String allowedGroups, String adminGroups) {
        String[] allowedGroupArray = appendRolePrefix(allowedGroups);
        String[] adminGroupArray = appendRolePrefix(adminGroups);
        return (String[]) ArrayUtils.addAll(allowedGroupArray, adminGroupArray);
    }

}