Disable authorization for /util/echo

Issue-ID: AAI-1612 Change-Id: I12a14eacb85ed33296e1db5edf77d8abb250d239 Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com>
author: Kajur, Harish (vk250x) <vk250x@att.com> 2018-09-17 14:38:03 -0400
committer: Kajur, Harish (vk250x) <vk250x@att.com> 2018-09-17 15:11:57 -0400
commit: 04d41b5f618d52e61f5c6b28497b391fb8cb31c7 (patch)
tree: b4eb2c1bdde1779d8c308f1795b4e7eff2366a51
parent: 35eb53917330cb1ce07789eafba5bc129327c9d0 (diff)
3 files changed, 14 insertions, 3 deletions
diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
index 22cd2cc..653fc51 100644
--- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
+++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java
@@ -56,6 +56,9 @@ public class AafAuthorizationFilter extends OrderedRequestContextFilter {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
         String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase());
+        if(request.getRequestURI().matches("^.*/util/echo$")){
+            filterChain.doFilter(request, response);
+        }
         if(!request.isUserInRole(permission)){
             errorResponse(request, response);
         }else{
diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
index a1047e0..f1aa7c1 100644
--- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
+++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java
@@ -55,9 +55,13 @@ public class AafFilter extends OrderedRequestContextFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
-        cadiFilter.doFilter(request, response, filterChain);
-        if(response.getStatus() >=400 && response.getStatus() < 500){
-            errorResponse(request, response);
+        if(!request.getRequestURI().matches("^.*/util/echo$")){
+            cadiFilter.doFilter(request, response, filterChain);
+            if(response.getStatus() >=400 && response.getStatus() < 500){
+                errorResponse(request, response);
+            }
+        } else {
+            filterChain.doFilter(request, response);
         }
     }
 
diff --git a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
index 1f8a6ec..a6c5ed9 100644
--- a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
+++ b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java
@@ -50,6 +50,10 @@ public class OneWaySslAuthorization extends AAIContainerFilter implements Contai
     public void filter(ContainerRequestContext containerRequestContext) throws IOException
     {
 
+        if(containerRequestContext.getUriInfo().getRequestUri().getPath().matches("^.*/util/echo$")){
+            return;
+        }
+
         String basicAuth = containerRequestContext.getHeaderString("Authorization");
         List<MediaType> acceptHeaderValues = containerRequestContext.getAcceptableMediaTypes();
author	Kajur, Harish (vk250x) <vk250x@att.com>	2018-09-17 14:38:03 -0400
committer	Kajur, Harish (vk250x) <vk250x@att.com>	2018-09-17 15:11:57 -0400
commit	04d41b5f618d52e61f5c6b28497b391fb8cb31c7 (patch)
tree	b4eb2c1bdde1779d8c308f1795b4e7eff2366a51
parent	35eb53917330cb1ce07789eafba5bc129327c9d0 (diff)