Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/1008#discussion_r185894824
--- Diff:
metron-interface/metron-rest/src/main/java/org/apache/metron/rest/config/WebSecurityConfig.java
---
@@ -87,13 +91,18 @@ public void configureJdbc(AuthenticationManagerBuilder
auth) throws Exception {
List<String> activeProfiles =
Arrays.asList(environment.getActiveProfiles());
if (activeProfiles.contains(MetronRestConstants.DEV_PROFILE) ||
activeProfiles.contains(MetronRestConstants.TEST_PROFILE))
{
- auth.jdbcAuthentication().dataSource(dataSource)
-
.withUser("user").password("password").roles(SECURITY_ROLE_USER).and()
-
.withUser("user1").password("password").roles(SECURITY_ROLE_USER).and()
-
.withUser("user2").password("password").roles(SECURITY_ROLE_USER).and()
-
.withUser("admin").password("password").roles(SECURITY_ROLE_USER,
SECURITY_ROLE_ADMIN);
+ auth.jdbcAuthentication().dataSource(dataSource)
+
.withUser("user").password("password").roles(SECURITY_ROLE_USER).and()
+
.withUser("user1").password("password").roles(SECURITY_ROLE_USER).and()
+
.withUser("user2").password("password").roles(SECURITY_ROLE_USER).and()
+
.withUser("admin").password("password").roles(SECURITY_ROLE_USER,
SECURITY_ROLE_ADMIN);
} else {
auth.jdbcAuthentication().dataSource(dataSource);
}
}
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return NoOpPasswordEncoder.getInstance();
--- End diff --
Assuming it matches what was happening pre-upgrade, I'm fine with it for an
upgrade ticket.
Having a broader discussion outside this PR is a good idea. Would you be
able to kick off a discuss thread regarding current vs. proposed feature state?
It seems like that discussion should be had regardless of this PR.
---
