docker profiles, docker compose, mysql entrypoint, security

Co-authored-by: Christoph <tobi@urpost.de>
2020-03-26 16:06:40 +01:00
parent f15d1f850d
commit 33e3d9d3f5
8 changed files with 38 additions and 45 deletions
--- a/src/main/java/mops/gruppen2/security/SecurityConfig.java
+++ b/src/main/java/mops/gruppen2/security/SecurityConfig.java
@ -48,7 +48,7 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

    @Bean
    @Scope(scopeName = WebApplicationContext.SCOPE_REQUEST,
-            proxyMode = ScopedProxyMode.TARGET_CLASS)
+           proxyMode = ScopedProxyMode.TARGET_CLASS)
    public AccessToken getAccessToken() {
        HttpServletRequest request =
                ((ServletRequestAttributes) RequestContextHolder
@ -61,17 +61,14 @@ class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.authorizeRequests()
-                .antMatchers("/actuator/**")
-                .hasRole("monitoring")
-                .and()
-                .authorizeRequests()
-                .antMatchers("/h2-console/**")
-                .permitAll()
-                .anyRequest()
-                .permitAll();
-
-        http.csrf().disable();
-        http.headers().frameOptions().disable();
+            .antMatchers("/actuator/**")
+            .hasRole("monitoring")
+            .anyRequest()
+            .permitAll()
+            .and()
+            .csrf()
+            .ignoringAntMatchers("/gruppen2/createOrga")
+            .ignoringAntMatchers("/gruppen2/details/members/addUsersFromCsv");
    }

    /**