summaryrefslogtreecommitdiffstats
path: root/auth/auth-certman
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2019-07-24 14:42:22 -0500
committerInstrumental <jonathan.gathman@att.com>2019-07-24 14:47:51 -0500
commitb3a6814af9ab63fa59d0233f5d2ebb032f0b1597 (patch)
tree9b4579eb2efbc8fab6a6491df6114172642a1640 /auth/auth-certman
parente9529d3deb86757d7b2eabaff4696c146cd0bad8 (diff)
update Agent for Helm
Issue-ID: AAF-904 Change-Id: I015cd19dcf95d1edfd86542750acc95447726120 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-certman')
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java16
1 files changed, 12 insertions, 4 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index 6ebcadac..26b3a22a 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -90,6 +90,7 @@ public class CMService {
private final ArtiDAO artiDAO;
private AAF_CM certManager;
private Boolean allowIgnoreIPs;
+ private Boolean alwaysIgnoreIPs;
// @SuppressWarnings("unchecked")
public CMService(final AuthzTrans trans, AAF_CM certman) throws APIException, IOException {
@@ -110,9 +111,14 @@ public class CMService {
"*",
"read"
);
- allowIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALLOW_IGNORE_IPS, "false"));
- if(allowIgnoreIPs) {
- trans.env().access().log(Level.INIT, "Allowing DNS Evaluation to be turned off with <ns>.certman|<ca name>|"+IGNORE_IPS);
+ alwaysIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALWAYS_IGNORE_IPS, "false"));
+ if(alwaysIgnoreIPs) {
+ trans.env().access().log(Level.INIT, "DNS Evaluation for Cert Creation is turned off with " + Config.CM_ALWAYS_IGNORE_IPS );
+ } else {
+ allowIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALLOW_IGNORE_IPS, "false"));
+ if(allowIgnoreIPs) {
+ trans.env().access().log(Level.INIT, "Allowing DNS Evaluation to be turned off with <ns>.certman|<ca name>|"+IGNORE_IPS);
+ }
}
}
@@ -140,7 +146,9 @@ public class CMService {
Organization org = trans.org();
boolean ignoreIPs;
- if(allowIgnoreIPs) {
+ if(alwaysIgnoreIPs) {
+ ignoreIPs=true;
+ } else if(allowIgnoreIPs) {
ignoreIPs = trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), IGNORE_IPS));
} else {
ignoreIPs = false;