This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 8dcd17128f Allow for easier subclassing for Console and Enduser
8dcd17128f is described below
commit 8dcd17128f3429748e29b38ba90c264c69392ec7
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Wed May 31 14:57:29 2023 +0200
Allow for easier subclassing for Console and Enduser
---
.../client/console/SyncopeWebApplication.java | 65 ++++++++++++----------
.../console/src/main/resources/console.properties | 1 -
.../client/enduser/SyncopeWebApplication.java | 59 +++++++++++---------
.../enduser/src/main/resources/enduser.properties | 1 -
4 files changed, 71 insertions(+), 55 deletions(-)
diff --git
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
index 3aa49b6508..1ae3d19757 100644
---
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
+++
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
@@ -135,32 +135,8 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
this.policyTabProviders = policyTabProviders;
}
- @Override
- protected void init() {
- super.init();
-
- // Application settings
- IBootstrapSettings settings = new BootstrapSettings();
-
- // set theme provider
- settings.setThemeProvider(new SingleThemeProvider(new AdminLTE()));
-
- // install application settings
- Bootstrap.install(this, settings);
-
- getResourceSettings().setUseMinifiedResources(true);
- getResourceSettings().setUseDefaultOnMissingResource(true);
- getResourceSettings().setThrowExceptionOnMissingResource(false);
-
- getSecuritySettings().setAuthorizationStrategy(new
MetaDataRoleAuthorizationStrategy(this));
-
- lookup.getIdRepoPageClasses().
- forEach(cls ->
MetaDataRoleAuthorizationStrategy.authorize(cls, Constants.ROLE_AUTHENTICATED));
-
- getMarkupSettings().setStripWicketTags(true);
- getMarkupSettings().setCompressWhitespace(true);
-
- getRequestCycleListeners().add(new SyncopeUIRequestCycleListener() {
+ protected SyncopeUIRequestCycleListener
buildSyncopeUIRequestCycleListener() {
+ return new SyncopeUIRequestCycleListener() {
@Override
protected boolean isSignedIn() {
@@ -176,8 +152,10 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
protected IRequestablePage getErrorPage(final PageParameters
errorParameters) {
return new Login(errorParameters);
}
- });
+ };
+ }
+ protected void initSecurity() {
if (props.isxForward()) {
XForwardedRequestWrapperFactory.Config config = new
XForwardedRequestWrapperFactory.Config();
config.setProtocolHeader(props.getxForwardProtocolHeader());
@@ -193,6 +171,8 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
getRequestCycleListeners().add(new
WebSocketAwareResourceIsolationRequestCycleListener());
}
+ getCspSettings().blocking().unsafeInline();
+
getRequestCycleListeners().add(new IRequestCycleListener() {
@Override
@@ -203,7 +183,36 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
}
}
});
- getCspSettings().blocking().unsafeInline();
+ }
+
+ @Override
+ protected void init() {
+ super.init();
+
+ // Application settings
+ IBootstrapSettings settings = new BootstrapSettings();
+
+ // set theme provider
+ settings.setThemeProvider(new SingleThemeProvider(new AdminLTE()));
+
+ // install application settings
+ Bootstrap.install(this, settings);
+
+ getResourceSettings().setUseMinifiedResources(true);
+ getResourceSettings().setUseDefaultOnMissingResource(true);
+ getResourceSettings().setThrowExceptionOnMissingResource(false);
+
+ getSecuritySettings().setAuthorizationStrategy(new
MetaDataRoleAuthorizationStrategy(this));
+
+ lookup.getIdRepoPageClasses().
+ forEach(cls ->
MetaDataRoleAuthorizationStrategy.authorize(cls, Constants.ROLE_AUTHENTICATED));
+
+ getMarkupSettings().setStripWicketTags(true);
+ getMarkupSettings().setCompressWhitespace(true);
+
+ getRequestCycleListeners().add(buildSyncopeUIRequestCycleListener());
+
+ initSecurity();
mountPage("/login", getSignInPageClass());
diff --git a/client/idrepo/console/src/main/resources/console.properties
b/client/idrepo/console/src/main/resources/console.properties
index ca80121a36..bb85bedef2 100644
--- a/client/idrepo/console/src/main/resources/console.properties
+++ b/client/idrepo/console/src/main/resources/console.properties
@@ -79,7 +79,6 @@ console.security-headers.X-XSS-Protection=1; mode=block
console.security-headers.Strict-Transport-Security=max-age=31536000;
includeSubDomains; preload
console.security-headers.X-Content-Type-Options=nosniff
console.security-headers.X-Frame-Options=sameorigin
-#console.security-headers.Content-Security-Policy=default-src https:
##
# Disable CGLib Proxies
diff --git
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
index 887baf949a..824bcc5b40 100644
---
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
+++
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
@@ -98,29 +98,8 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
this.serviceOps = serviceOps;
}
- @Override
- protected void init() {
- super.init();
-
- // Application settings
- IBootstrapSettings settings = new BootstrapSettings();
-
- // set theme provider
- settings.setThemeProvider(new SingleThemeProvider(new AdminLTE()));
-
- // install application settings
- Bootstrap.install(this, settings);
-
- getResourceSettings().setUseMinifiedResources(true);
- getResourceSettings().setUseDefaultOnMissingResource(true);
- getResourceSettings().setThrowExceptionOnMissingResource(false);
-
-
getSecuritySettings().setAuthorizationStrategy(getAuthorizationStrategy());
-
- getMarkupSettings().setStripWicketTags(true);
- getMarkupSettings().setCompressWhitespace(true);
-
- getRequestCycleListeners().add(new SyncopeUIRequestCycleListener() {
+ protected SyncopeUIRequestCycleListener
buildSyncopeUIRequestCycleListener() {
+ return new SyncopeUIRequestCycleListener() {
@Override
protected boolean isSignedIn() {
@@ -136,8 +115,10 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
protected IRequestablePage getErrorPage(final PageParameters
errorParameters) {
return new Login(errorParameters);
}
- });
+ };
+ }
+ protected void initSecurity() {
if (props.isxForward()) {
XForwardedRequestWrapperFactory.Config config = new
XForwardedRequestWrapperFactory.Config();
config.setProtocolHeader(props.getxForwardProtocolHeader());
@@ -153,6 +134,8 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
getRequestCycleListeners().add(new
ResourceIsolationRequestCycleListener());
}
+ getCspSettings().blocking().unsafeInline();
+
getRequestCycleListeners().add(new IRequestCycleListener() {
@Override
@@ -163,7 +146,33 @@ public class SyncopeWebApplication extends
WicketBootSecuredWebApplication {
}
}
});
- getCspSettings().blocking().unsafeInline();
+ }
+
+ @Override
+ protected void init() {
+ super.init();
+
+ // Application settings
+ IBootstrapSettings settings = new BootstrapSettings();
+
+ // set theme provider
+ settings.setThemeProvider(new SingleThemeProvider(new AdminLTE()));
+
+ // install application settings
+ Bootstrap.install(this, settings);
+
+ getResourceSettings().setUseMinifiedResources(true);
+ getResourceSettings().setUseDefaultOnMissingResource(true);
+ getResourceSettings().setThrowExceptionOnMissingResource(false);
+
+
getSecuritySettings().setAuthorizationStrategy(getAuthorizationStrategy());
+
+ getMarkupSettings().setStripWicketTags(true);
+ getMarkupSettings().setCompressWhitespace(true);
+
+ getRequestCycleListeners().add(buildSyncopeUIRequestCycleListener());
+
+ initSecurity();
// Confirm password reset page
mountPage("/confirmpasswordreset", SelfConfirmPasswordReset.class);
diff --git a/client/idrepo/enduser/src/main/resources/enduser.properties
b/client/idrepo/enduser/src/main/resources/enduser.properties
index d42a7e93b0..2c1e1c56e8 100644
--- a/client/idrepo/enduser/src/main/resources/enduser.properties
+++ b/client/idrepo/enduser/src/main/resources/enduser.properties
@@ -70,7 +70,6 @@ enduser.security.headers.X-XSS-Protection=1; mode=block
enduser.security.headers.Strict-Transport-Security=max-age=31536000;
includeSubDomains; preload
enduser.security.headers.X-Content-Type-Options=nosniff
enduser.security.headers.X-Frame-Options=sameorigin
-#enduser.security.headers.Content-Security-Policy=default-src https:
##
# Disable CGLib Proxies
