721: Move to YML-based configuration

Task-Url: https://minfba.de.dariah.eu/mantisbt/view.php?id=721

dariahsp-core/pom.xml

@@ -11,48 +11,39 @@
   <description>DARIAH wrapper to the Spring Security Saml Project</description>
 
   <dependencies>
-  	<!-- Dependencies without provided scope are included in the jar 
-  		 -> only dependencies needed for CLI methods should NOT have <scope>provided</scope> 
-  	-->
   	<dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-core</artifactId>
       <version>${org.springsecurity-version}</version>
-      <scope>compile</scope>
     </dependency>
   	
   	<dependency>
 		<groupId>eu.dariah.de.minfba.core</groupId>
 		<artifactId>core-metamodel</artifactId>
 		<version>${eu.dariah.de.minfba.core-metamodel.version}</version>
-		<scope>provided</scope>
 	</dependency>
   	<dependency>
   		<groupId>eu.dariah.eu</groupId>
     	<artifactId>spring-security-saml2-core</artifactId>
     	<version>${spring-security-saml2-core.version}</version>
-    	<scope>provided</scope>
   	</dependency>
   	
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-webmvc</artifactId>
 		<version>${org.springframework-version}</version>
-		<scope>provided</scope>
 	</dependency>
   	
   	<dependency>
 		<groupId>javax.servlet</groupId>
 		<artifactId>javax.servlet-api</artifactId>
 		<version>3.1.0</version>
-		<scope>provided</scope>
 	</dependency>
   	
   	<dependency>
 		<groupId>joda-time</groupId>
 		<artifactId>joda-time</artifactId>
 		<version>${joda-time-version}</version>
-		<scope>provided</scope>
 	</dependency>
   	
   	<!-- Logging -->
@@ -60,25 +51,21 @@
 		<groupId>org.slf4j</groupId>
 		<artifactId>slf4j-api</artifactId>
 		<version>${org.slf4j-version}</version>
-		<scope>compile</scope>
 	</dependency>
 	<dependency>
 	    <groupId>org.slf4j</groupId>
 	    <artifactId>jcl-over-slf4j</artifactId>
 	    <version>${org.slf4j-version}</version>
-	    <scope>compile</scope>
 	</dependency>
 	<dependency>
 		<groupId>ch.qos.logback</groupId>
 		<artifactId>logback-core</artifactId>
 		<version>${ch.qos.logback.version}</version>
-		<scope>compile</scope>
 	</dependency>
 	<dependency>
 		<groupId>ch.qos.logback</groupId>
 		<artifactId>logback-classic</artifactId>
 		<version>${ch.qos.logback.version}</version>
-		<scope>compile</scope>
 	</dependency>
   	
   	<!-- Commons -->
@@ -86,7 +73,6 @@
 		<groupId>commons-net</groupId>
 		<artifactId>commons-net</artifactId>
 		<version>3.6</version>
-		<scope>provided</scope>
 	</dependency>
 		
   </dependencies>

dariahsp-core/src/main/java/eu/dariah/de/dariahsp/web/AuthInfoHelper.java

@@ -20,12 +20,12 @@ public class AuthInfoHelper {
 	private static final Logger logger = LoggerFactory.getLogger(AuthInfoHelper.class);
 	
 	private RoleLevelVoter roleLevelVoter;
-	
+
 	
 	public RoleLevelVoter getRoleLevelVoter() { return roleLevelVoter; }
 	public void setRoleLevelVoter(RoleLevelVoter roleLevelVoter) { this.roleLevelVoter = roleLevelVoter; }
 	
-
+	
 	public AuthPojo getAuth(HttpServletRequest request) {	
 		return this.getCurrentUserDetails(request);
 	}

dariahsp-sample/pom.xml

@@ -12,6 +12,7 @@
 
 	<properties>
 		<org.apache.tiles-version>3.0.7</org.apache.tiles-version>
+		<eu.dariah.de.minfba.core-web.version>1.5.0-SNAPSHOT</eu.dariah.de.minfba.core-web.version>
 	</properties>
 	
 	<dependencies>
@@ -21,6 +22,11 @@
 			<artifactId>dariahsp-core</artifactId>
 			<version>${project.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>eu.dariah.de.minfba.core</groupId>
+			<artifactId>core-web</artifactId>
+			<version>${eu.dariah.de.minfba.core-web.version}</version>
+		</dependency>
 		
 		<!-- Spring -->
 		<dependency>
@@ -95,6 +101,13 @@
 			<version>2.0.0-SNAPSHOT</version>
 		</dependency> -->
 		
+		<!-- For YAML based configurations -->
+		<dependency>
+		    <groupId>org.yaml</groupId>
+		    <artifactId>snakeyaml</artifactId>
+		    <version>1.18</version>
+		</dependency>
+		
 		<!-- Test Artifacts -->
 		<dependency>
 			<groupId>org.springframework</groupId>

dariahsp-sample/src/main/java/eu/dariah/de/dariahsp/sample/controller/HomeController.java

@@ -6,9 +6,15 @@ import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.jboss.logging.Property;
+import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
 import org.springframework.core.env.Environment;
 import org.springframework.security.web.savedrequest.RequestCache;
 import org.springframework.stereotype.Controller;
@@ -23,12 +29,15 @@ import eu.dariah.de.dariahsp.web.RedirectCache;
 
 @Controller
 @RequestMapping(value="") 
-public class HomeController  {
+public class HomeController implements ApplicationContextAware  {
 	@Autowired private ServletContext servletContext;
 
 	@Autowired private RedirectCache redirectCache;
 	
 	@Autowired private AuthInfoHelper authInfoHelper;
+
+	@Autowired private PropertySourcesPlaceholderConfigurer conf;
+
 	
 	@Value("#{environment.saml?environment.saml:false}")
 	private boolean saml;
@@ -45,6 +54,10 @@ public class HomeController  {
 	
 	@RequestMapping(value = "/logout", method = RequestMethod.GET)
 	public String getLogout(@RequestParam(value = "error", required = false) String error, @RequestParam(value = "url", defaultValue = "/") String url, HttpServletRequest request, HttpServletResponse response, Model model) throws IOException  {
+		
+		//Object sasa = conf.getAppliedPropertySources().get("localProperties").getProperty("auth.local.test");
+		Object sasa2 = conf.getAppliedPropertySources().get("localProperties").getProperty("auth.local.huttut");
+		
 		if (saml && authInfoHelper.getCurrentUserDetails(request).isAuth()) {
 			return "redirect:/saml/logout" + (!url.equals("/") ? "?loginRedirectUrl=" + url : "");
 		} else if (!saml && authInfoHelper.getCurrentUserDetails(request).isAuth()) {
@@ -75,4 +88,10 @@ public class HomeController  {
 		model.addAttribute("redirectUrl", url);
 		return "common/login";
 	}
+
+	@Override
+	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
+		// TODO Auto-generated method stub
+		applicationContext.toString();
+	}
 }

dariahsp-sample/src/main/resources/dariahsp.yml

+saml.local.userfile: classpath:dariahsp_localusers.json
+
+
+saml.keystore.path: /data/_srv/schereg/key/dfa-de-dariah-eu.jks
+
+# Uncomment if keystore is protected by password
+#saml.keystore.pass     : somepass
+
+saml.keystore.alias: dfa.de.dariah.eu
+
+# Alias pass is required, leave empty if no alias password is set in keystore
+saml.keystore.aliaspass: '' 
+
+
+saml.metadata.url: https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-test-metadata.xml
+#saml.metadata.url      : https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-basic-metadata.xml
+
+saml.sp.baseUrl: https://schereg.de.dariah.eu/schereg
+saml.sp.entityId: https://schereg.de.dariah.eu
+
+saml.sp.local: true
+saml.sp.alias: schereg
+#saml.sp.securityProfile  : metaiop
+#saml.sp.sslSecurityProfile : pkix
+
+#saml.sp.requireArtifactResolveSigned : false
+#saml.sp.requireLogoutRequestSigned : false
+#saml.sp.requireLogoutResponseSigned : false
+
+saml.sp.signMetadata    : true
+#saml.sp.signingAlgorithm : http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+
+saml.sp.discovery: true
+saml.sp.discovery.url: https://wayf.aai.dfn.de/DFN-AAI-Test/wayf
+#saml.sp.discovery.url    : https://auth.dariah.eu/CDS/WAYF
+saml.sp.discovery.return: https://schereg.de.dariah.eu/schereg/saml/login/alias/schereg?disco:true
+saml.sp.ecpEnabled: true
+
+#saml.sp.allowedNameIds   : EMAIL, PERSISTENT, X509_SUBJECT
+#saml.sp.allowedNameIds    : EMAIL, TRANSIENT, PERSISTENT, UNSPECIFIED, X509_SUBJECT
+
+saml.sp.signingKey: dfa.de.dariah.eu
+saml.sp.encryptionKey: dfa.de.dariah.eu
+saml.sp.tlsKey: dfa.de.dariah.eu
+
+
+auth:
+ local: 
+   users:  
+     - username: 'tobias'
+       password: 'fuzzl'
+     - username: 'kathrin'
+       password: 'hanswurst'
+   huttut:
+    - affa: 'uffu0'
+      kaka: 
+       - pupu: lala0
+       - lulu: lolo0
+       - test: ['fupp0', 'fopp0']
+    - affa: 'uffu1'
+      kaka: 
+       - pupu: lala1
+       - lulu: lolo1
+       - test: ['fupp1', 'fopp1']
+   test: ['fupp', 'fopp'] 
+
+#saml.sp.attr.names      : urn:oid:1.3.6.1.4.1.5923.1.1.1.6, urn:oid:0.9.2342.19200300.100.1.3, urn:oid:1.3.6.1.4.1.5923.1.1.1.7, urn:oid:1.3.6.1.4.1.5923.1.1.1.9, urn:oid:2.16.840.1.113730.3.1.241 
+#saml.sp.attr.nameFormats  : urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+#saml.sp.attr.friendlyNames  : eduPersonPrincipalName, mail, eduPersonEntitlement, eduPersonScopedAffiliation, displayName
+#saml.sp.attr.required     : true, true, false, false, false
+
+#saml.sp.externalMetadata : /home/tobias/Downloads/spring_saml_metadata.xml
\ No newline at end of file

dariahsp-sample/src/main/resources/spring/root-context.xml

@@ -7,7 +7,7 @@
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
 
 
-	<bean id="configLocation" class="java.lang.String">
+	<!-- <bean id="configLocation" class="java.lang.String">
 		<constructor-arg value="classpath:dariahsp.conf" />
 	</bean>
 	<bean id="propertyPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
@@ -16,9 +16,23 @@
 				<value>classpath:dariahsp.conf</value>
 			</list>
 		</property>
+	</bean> -->
+	
+	<context:annotation-config/>
+	
+	<bean id="configLocation" class="java.lang.String">
+		<constructor-arg value="classpath:dariahsp.yml" />
+	</bean>
+	<bean id="properties" class="org.springframework.beans.factory.config.YamlPropertiesFactoryBean">
+	    <property name="resources" ref="configLocation"/>
+	</bean>
+
+	<bean class="eu.dariah.de.minfba.core.web.init.ListAwarePropertySourcesPlaceholderConfigurer">
+	    <property name="properties" ref="properties" />
+	    <property name="objectMapper" ref="objectMapper" />
 	</bean>
 	
-	<bean class="com.fasterxml.jackson.databind.ObjectMapper" />
+	<bean id="objectMapper" class="com.fasterxml.jackson.databind.ObjectMapper" />
 	
 	<context:component-scan base-package="eu.dariah.de.dariahsp.configuration" />
 </beans>
\ No newline at end of file

dariahsp-sample/src/main/resources/spring/servlet/servlet-context.xml

@@ -12,8 +12,9 @@
 	<mvc:annotation-driven />
 	<mvc:resources location="/resources/" mapping="/resources/**" cache-period="31556926"/>
 	
+	
 	<sec:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" />
-
+<context:annotation-config/>
 	<mvc:interceptors>
 		<mvc:interceptor>
 			<mvc:mapping path="/**"/>