diff options
| author |   Bansal, Nitin (nb121v) <nitin.bansal@amdocs.com> | 2019-01-23 14:35:24 -0500 |
|---|---|---|
| committer | Bansal, Nitin (nb121v) <nitin.bansal@amdocs.com> | 2019-01-23 14:36:41 -0500 |
| commit | df7904cca9c67ed7ce99e1d1d1c3a2c961a61445 (patch) | |
| tree | bd847f03d5d98832f9b2649345a65aee24d9151a | |
| parent | 6aa19e259dddf790e341948bbd160a498d58815b (diff) | |
optionally disable client auth in gizmo
optionally disable client auth in gizmo
Change-Id: I62ba93ce8ec29c08ee311ce585dae2b16bf405ac
Issue-ID: AAI-2116
Signed-off-by: Bansal, Nitin (nb121v) <nitin.bansal@amdocs.com>
| -rw-r--r-- | src/main/java/org/onap/crud/CrudApplication.java | 7 | ||||
| -rw-r--r-- | src/main/resources/application.properties | 1 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/main/java/org/onap/crud/CrudApplication.java b/src/main/java/org/onap/crud/CrudApplication.java index 05160d8..3c8e5f7 100644 --- a/src/main/java/org/onap/crud/CrudApplication.java +++ b/src/main/java/org/onap/crud/CrudApplication.java @@ -68,7 +68,12 @@ public class CrudApplication extends SpringBootServletInitializer{// NOSONAR props.put("schema.service.ssl.key-store-password", deobfuscatedKeyStorePassword); props.put("schema.service.ssl.trust-store-password", deobfuscatedKeyStorePassword); - + String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH"); + if (requireClientAuth == null || requireClientAuth.isEmpty()) { + props.put("server.ssl.client-auth", "need"); + }else { + props.put("server.ssl.client-auth",requireClientAuth.equals("true")?"need":"want"); + } new CrudApplication() .configure(new SpringApplicationBuilder(CrudApplication.class).properties(props)) diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 2b1f302..68c2aec 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -6,7 +6,6 @@ SERVICE_BEANS=dynamic/conf server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore server.ssl.enabled=true -server.ssl.client-auth=need server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 schema.ingest.file=${CONFIG_HOME}/schema-ingest.properties |