YKI(Backend) Disable default authentication [deploy]

Opetushallitus · Oct 31, 2024 · e762a2a · e762a2a
1 parent c1fbace
commit e762a2a
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java b/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java
@@ -2,6 +2,8 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
@@ -31,4 +33,11 @@ public static HttpSecurity configCsrf(final HttpSecurity httpSecurity) throws Ex
       configurer.csrfTokenRepository(csrfTokenRepository).csrfTokenRequestHandler(requestHandler)
     );
   }
+
+  @Bean
+  public AuthenticationManager noopAuthenticationManager() {
+    return authentication -> {
+      throw new AuthenticationServiceException("Authentication is disabled");
+    };
+  }
 }