Move access configuration from web.xml to Java Config wherever possible

[adamczykba]

Summary
Right now, authorization configuration for REST API modules are provided inside of web.xml.
It is needed to check (and if possible - apply) wether it is possible to replace this web.xml config with java configuration.

Details
N/A

Acceptance criteria

• check if it possible to configure rest api acces in java config
• • all modules have configuration in java classes

Additional context
N/A

[Crystalzord]

There are few annotations that might help us to do configure login-auth and security constraints, but those are ment for servlets. I think the effort to configure this is too big right now therefore I move this to backlog due to higher priority tasks.

From the documentation:

Use the @WebServlet annotation to define a servlet component in a web application. This annotation is specified on a class and contains metadata about the servlet being declared. The annotated servlet must specify at least one URL pattern. This is done by using the urlPatterns or value attribute on the annotation.

To specify security for a servlet, use the @ServletSecurity annotation.

For a servlet, the @HttpConstraint and @HttpMethodConstraint annotations accept a rolesAllowed element that specifies the authorized roles.

Also what might be helpful: https://www.baeldung.com/java-ee-8-security (but its Java EE 8 tho...)