diff --git a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java index 45428ad5a..30826f1eb 100644 --- a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java +++ b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthConfig.java @@ -65,8 +65,7 @@ public BasicAuthConfig(AuthConfig authConfig, BasicAuthProvider authProvider) { this.authProvider = authProvider; } - @Bean - public AuthenticationManager authManager(HttpSecurity http) throws Exception { + private AuthenticationManager authManager(HttpSecurity http) throws Exception { AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class); if (name == null || name.isEmpty() || password == null || password.isEmpty()) { @@ -95,6 +94,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http.csrf().disable(); http.formLogin() .and() + .authenticationManager(authManager(http)) .httpBasic() .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")); authConfig.configure(http); diff --git a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java index 02a53a003..32c1d97de 100644 --- a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java +++ b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java @@ -16,7 +16,6 @@ package com.netflix.spinnaker.gate.security.basic; import com.netflix.spinnaker.gate.services.OesAuthorizationService; -import com.netflix.spinnaker.gate.services.PermissionService; import java.util.ArrayList; import java.util.List; import java.util.stream.Collectors; @@ -39,7 +38,6 @@ @Component public class BasicAuthProvider implements AuthenticationProvider { - private final PermissionService permissionService; private final OesAuthorizationService oesAuthorizationService; @Value("${services.platform.enabled:false}") @@ -53,9 +51,7 @@ public class BasicAuthProvider implements AuthenticationProvider { private Boolean isFiatEnabled; @Autowired - public BasicAuthProvider( - PermissionService permissionService, OesAuthorizationService oesAuthorizationService) { - this.permissionService = permissionService; + public BasicAuthProvider(OesAuthorizationService oesAuthorizationService) { this.oesAuthorizationService = oesAuthorizationService; } @@ -72,14 +68,13 @@ public Authentication authenticate(Authentication authentication) throws Authent List grantedAuthorities = new ArrayList<>(); - if (roles != null && !roles.isEmpty() && permissionService != null) { + if (roles != null && !roles.isEmpty() && isPlatformEnabled) { grantedAuthorities.addAll( roles.stream() .map(role -> new SimpleGrantedAuthority(role)) .collect(Collectors.toList())); - // Updating roles in fiat service - permissionService.loginWithRoles(name, roles); log.debug("Platform service enabled value :{}", isPlatformEnabled); + // Updating roles in platform service if (isPlatformEnabled) { oesAuthorizationService.cacheUserGroups(roles, name);