Feature/secure cockpit (#652)
* implementing secure cockpit

* implement secure cockpit via gateway

* #402: add camunda plugin filter rule

* integration of groups

* fixed review comments

* deactivating CSRF filter of Camunda Webapps

---------

Co-authored-by: stephan.strehler <[email protected]>
zambrovski and StephanStrehlerCGI authored Sep 7, 2023
1 parent fcc59ce commit bfb4e6c
Showing 3 changed files with 27 additions and 2 deletions.
@@ -0,0 +1,26 @@
package de.muenchen.oss.digiwf.cockpit.security.camunda;

import org.springframework.boot.web.servlet.ServletContextInitializer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
* Disable CSRF Camunda Filter.
*
* <a href="https://forum.camunda.io/t/how-to-disable-csrfpreventionfilter/13095/8">Camunda Forum</a>
*/
@Configuration
public class CsrfDisablingConfiguration {
private static final String CSRF_PREVENTION_FILTER = "CsrfPreventionFilter";

/**
* Overwrite csrf filter from Camunda configured here
* org.camunda.bpm.spring.boot.starter.webapp.CamundaBpmWebappInitializer
* org.camunda.bpm.spring.boot.starter.webapp.filter.SpringBootCsrfPreventionFilter
* Is configured with basically a 'no-op' filter
*/
@Bean
public ServletContextInitializer csrfOverwrite() {
return servletContext -> servletContext.addFilter(CSRF_PREVENTION_FILTER, (request, response, chain) -> chain.doFilter(request, response));
}
}
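Review bot: `csrfOverwrite()` swaps Camunda's `CsrfPreventionFilter` for a pass-through on every webapp request, and neither Javadoc says which control now stops cross-site requests against Cockpit. If the browser still authenticates with a session cookie, state-changing calls lose their token check, so the class comment should name the compensating control, e.g. `Safe only while the gateway enforces CSRF/SameSite protection and Cockpit is not reachable directly — TODO confirm`. The override also appears to depend on this initializer running before `CamundaBpmWebappInitializer`, and it ignores the return value of `addFilter`. A WARN-level startup log line stating that CSRF prevention is disabled would make the state visible in every environment.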
@@ -21,6 +21,6 @@ logging:
level:
de.muenchen.oss.digiwf.legacy.form.domain.service.FormService: WARN
de.muenchen.oss.digiwf.shared.configuration: DEBUG
org.springframework.boot.web: TRACE
org.springframework.boot.web: DEBUG
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping: TRACE

@@ -19,7 +19,6 @@
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
