zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixes

Browse source
This commit is contained in:
anhefti 2019-07-18 20:22:18 +02:00
parent 565e048df9
commit ddf18579a9
3 changed files with 16 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/main/java/ch/ethz/seb/sebserver/webservice/WebServiceInit.java
View file

@ -11,8 +11,6 @@ package ch.ethz.seb.sebserver.webservice;
import java.net.InetAddress; import java.net.InetAddress;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import javax.sql.DataSource;
import org.cryptonode.jncryptor.AES256JNCryptor; import org.cryptonode.jncryptor.AES256JNCryptor;
import org.cryptonode.jncryptor.JNCryptor; import org.cryptonode.jncryptor.JNCryptor;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -26,11 +24,9 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.Lazy; import org.springframework.context.annotation.Lazy;
import org.springframework.core.env.Environment; import org.springframework.core.env.Environment;
import org.springframework.security.oauth2.provider.token.TokenStore;
import ch.ethz.seb.sebserver.gbl.Constants; import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile; import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.webservice.weblayer.oauth.CachableJdbcTokenStore;
// TODO check if DataSourceAutoConfiguration and TokenStore bean definition is really needed here // TODO check if DataSourceAutoConfiguration and TokenStore bean definition is really needed here
// or if it is possible to move them to the WebServiceSecurityConfig. // or if it is possible to move them to the WebServiceSecurityConfig.
@ -70,12 +66,6 @@ public class WebServiceInit implements ApplicationListener<ApplicationReadyEvent
} }
@Lazy
@Bean
public TokenStore tokenStore(final DataSource dataSource) {
return new CachableJdbcTokenStore(dataSource);
}
@Lazy @Lazy
@Bean @Bean
public JNCryptor jnCryptor() { public JNCryptor jnCryptor() {

7
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/dao/impl/ConfigurationDAOBatchService.java
View file

@ -22,6 +22,8 @@ import org.joda.time.DateTime;
import org.joda.time.DateTimeZone; import org.joda.time.DateTimeZone;
import org.mybatis.dynamic.sql.SqlBuilder; import org.mybatis.dynamic.sql.SqlBuilder;
import org.mybatis.spring.SqlSessionTemplate; import org.mybatis.spring.SqlSessionTemplate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Lazy; import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -60,6 +62,8 @@ import ch.ethz.seb.sebserver.webservice.servicelayer.dao.ResourceNotFoundExcepti
* intensive write operation on Configuration domain. */ * intensive write operation on Configuration domain. */
class ConfigurationDAOBatchService { class ConfigurationDAOBatchService {
private static final Logger log = LoggerFactory.getLogger(ConfigurationDAOBatchService.class);
private final ConfigurationNodeRecordMapper batchConfigurationNodeRecordMapper; private final ConfigurationNodeRecordMapper batchConfigurationNodeRecordMapper;
private final ConfigurationValueRecordMapper batchConfigurationValueRecordMapper; private final ConfigurationValueRecordMapper batchConfigurationValueRecordMapper;
private final ConfigurationAttributeRecordMapper batchConfigurationAttributeRecordMapper; private final ConfigurationAttributeRecordMapper batchConfigurationAttributeRecordMapper;
@ -70,6 +74,9 @@ class ConfigurationDAOBatchService {
protected ConfigurationDAOBatchService( protected ConfigurationDAOBatchService(
@Qualifier(BatisConfig.SQL_BATCH_SESSION_TEMPLATE) final SqlSessionTemplate batchSqlSessionTemplate) { @Qualifier(BatisConfig.SQL_BATCH_SESSION_TEMPLATE) final SqlSessionTemplate batchSqlSessionTemplate) {
log.info("Registered MyBatis Mappers: {}",
batchSqlSessionTemplate.getConfiguration().getMapperRegistry().getMappers());
this.batchConfigurationNodeRecordMapper = this.batchConfigurationNodeRecordMapper =
batchSqlSessionTemplate.getMapper(ConfigurationNodeRecordMapper.class); batchSqlSessionTemplate.getMapper(ConfigurationNodeRecordMapper.class);
this.batchConfigurationValueRecordMapper = this.batchConfigurationValueRecordMapper =

9
src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
View file

@ -13,6 +13,7 @@ import java.io.IOException;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.catalina.filters.RemoteIpFilter; import org.apache.catalina.filters.RemoteIpFilter;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -24,6 +25,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
@ -46,6 +48,7 @@ import org.springframework.security.web.AuthenticationEntryPoint;
import ch.ethz.seb.sebserver.WebSecurityConfig; import ch.ethz.seb.sebserver.WebSecurityConfig;
import ch.ethz.seb.sebserver.gbl.model.user.UserRole; import ch.ethz.seb.sebserver.gbl.model.user.UserRole;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile; import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.webservice.weblayer.oauth.CachableJdbcTokenStore;
import ch.ethz.seb.sebserver.webservice.weblayer.oauth.WebClientDetailsService; import ch.ethz.seb.sebserver.webservice.weblayer.oauth.WebClientDetailsService;
import ch.ethz.seb.sebserver.webservice.weblayer.oauth.WebserviceResourceConfiguration; import ch.ethz.seb.sebserver.webservice.weblayer.oauth.WebserviceResourceConfiguration;
@ -102,6 +105,12 @@ public class WebServiceSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:3600}") @Value("${sebserver.webservice.api.exam.accessTokenValiditySeconds:3600}")
private Integer examAccessTokenValSec; private Integer examAccessTokenValSec;
@Lazy
@Bean
public TokenStore tokenStore(final DataSource dataSource) {
return new CachableJdbcTokenStore(dataSource);
}
/** Used to get real remote IP address by using "X-Forwarded-For" and "X-Forwarded-Proto" header. /** Used to get real remote IP address by using "X-Forwarded-For" and "X-Forwarded-Proto" header.
* https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/filters/RemoteIpFilter.html * https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/filters/RemoteIpFilter.html
* *