Add UserProvider

AbsaOSS · Aug 15, 2024 · 8249377 · 8249377
1 parent 85dac05
commit 8249377
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/api/src/main/scala/za/co/absa/loginsvc/rest/SecurityConfig.scala b/api/src/main/scala/za/co/absa/loginsvc/rest/SecurityConfig.scala
@@ -64,11 +64,12 @@ class SecurityConfig@Autowired()(authConfigsProvider: AuthConfigProvider) {
           {
             val kerberos = new KerberosSPNEGOAuthenticationProvider(KerberosConfig)
 
+            val provider = kerberos.kerberosAuthenticationProvider()
             val serviceProvider = kerberos.kerberosServiceAuthenticationProvider()
 
             http.addFilterBefore(
               kerberos.spnegoAuthenticationProcessingFilter(
-                new ProviderManager(serviceProvider)),
+                new ProviderManager(provider, serviceProvider)),
               classOf[BasicAuthenticationFilter])
           }
       }

diff --git a/...ala/za/co/absa/loginsvc/rest/provider/kerberos/KerberosSPNEGOAuthenticationProvider.scala b/...ala/za/co/absa/loginsvc/rest/provider/kerberos/KerberosSPNEGOAuthenticationProvider.scala
@@ -20,8 +20,8 @@ import org.slf4j.LoggerFactory
 import org.springframework.core.io.FileSystemResource
 import org.springframework.security.authentication.{AuthenticationManager, BadCredentialsException}
 import org.springframework.security.core.userdetails.{UserDetails, UserDetailsService}
-import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider
-import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator
+import org.springframework.security.kerberos.authentication.{KerberosAuthenticationProvider, KerberosServiceAuthenticationProvider}
+import org.springframework.security.kerberos.authentication.sun.{SunJaasKerberosClient, SunJaasKerberosTicketValidator}
 import org.springframework.security.kerberos.web.authentication.SpnegoAuthenticationProcessingFilter
 import za.co.absa.loginsvc.rest.config.auth.ActiveDirectoryLDAPConfig
 import za.co.absa.loginsvc.rest.model.KerberosUserDetails
@@ -55,6 +55,17 @@ class KerberosSPNEGOAuthenticationProvider(activeDirectoryLDAPConfig: ActiveDire
       filter
     }
 
+  def kerberosAuthenticationProvider(): KerberosAuthenticationProvider =
+  {
+    val provider: KerberosAuthenticationProvider  = new KerberosAuthenticationProvider()
+    val client: SunJaasKerberosClient = new SunJaasKerberosClient()
+
+    client.setDebug(kerberosDebug)
+    provider.setKerberosClient(client)
+    provider.setUserDetailsService(dummyUserDetailsService)
+    provider
+  }
+
   def kerberosServiceAuthenticationProvider(): KerberosServiceAuthenticationProvider =
     {
       val provider: KerberosServiceAuthenticationProvider = new KerberosServiceAuthenticationProvider()