diff options
| author |   Instrumental <jonathan.gathman@att.com> | 2019-07-24 14:42:22 -0500 |
|---|---|---|
| committer | Instrumental <jonathan.gathman@att.com> | 2019-07-24 14:47:51 -0500 |
| commit | b3a6814af9ab63fa59d0233f5d2ebb032f0b1597 (patch) | |
| tree | 9b4579eb2efbc8fab6a6491df6114172642a1640 /auth/auth-certman | |
| parent | e9529d3deb86757d7b2eabaff4696c146cd0bad8 (diff) | |
update Agent for Helm
Issue-ID: AAF-904
Change-Id: I015cd19dcf95d1edfd86542750acc95447726120
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-certman')
| -rw-r--r-- | auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java index 6ebcadac..26b3a22a 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java @@ -90,6 +90,7 @@ public class CMService { private final ArtiDAO artiDAO; private AAF_CM certManager; private Boolean allowIgnoreIPs; + private Boolean alwaysIgnoreIPs; // @SuppressWarnings("unchecked") public CMService(final AuthzTrans trans, AAF_CM certman) throws APIException, IOException { @@ -110,9 +111,14 @@ public class CMService { "*", "read" ); - allowIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALLOW_IGNORE_IPS, "false")); - if(allowIgnoreIPs) { - trans.env().access().log(Level.INIT, "Allowing DNS Evaluation to be turned off with <ns>.certman|<ca name>|"+IGNORE_IPS); + alwaysIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALWAYS_IGNORE_IPS, "false")); + if(alwaysIgnoreIPs) { + trans.env().access().log(Level.INIT, "DNS Evaluation for Cert Creation is turned off with " + Config.CM_ALWAYS_IGNORE_IPS ); + } else { + allowIgnoreIPs = Boolean.valueOf(certman.access.getProperty(Config.CM_ALLOW_IGNORE_IPS, "false")); + if(allowIgnoreIPs) { + trans.env().access().log(Level.INIT, "Allowing DNS Evaluation to be turned off with <ns>.certman|<ca name>|"+IGNORE_IPS); + } } } @@ -140,7 +146,9 @@ public class CMService { Organization org = trans.org(); boolean ignoreIPs; - if(allowIgnoreIPs) { + if(alwaysIgnoreIPs) { + ignoreIPs=true; + } else if(allowIgnoreIPs) { ignoreIPs = trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), IGNORE_IPS)); } else { ignoreIPs = false; |