From fb4c5707d0f116cfd7438fa06e5273ce552345a7 Mon Sep 17 00:00:00 2001 From: Stela Stoykova Date: Thu, 13 Dec 2018 13:25:43 -0500 Subject: Optionally disable authorization via policy Added support for optional config parameter to disable authorization via policy. Change-Id: I79e3decee7ed4c5c02ceafa1e8655282c0e5fd3a Issue-ID: AAI-2005 Signed-off-by: Stela Stoykova --- src/main/java/org/onap/crud/service/CrudRestService.java | 16 +++++++++++++++- .../java/org/onap/crud/util/CrudServiceConstants.java | 1 + 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/onap/crud/service/CrudRestService.java b/src/main/java/org/onap/crud/service/CrudRestService.java index f975347..025f3d2 100644 --- a/src/main/java/org/onap/crud/service/CrudRestService.java +++ b/src/main/java/org/onap/crud/service/CrudRestService.java @@ -80,6 +80,7 @@ public class CrudRestService { Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName()); Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName()); private Auth auth; + private boolean authorizationEnabled; private String mediaType = MediaType.APPLICATION_JSON; public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override"; @@ -87,7 +88,14 @@ public class CrudRestService { public CrudRestService(AbstractGraphDataService graphDataService) throws Exception { this.graphDataService = graphDataService; - this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE); + + this.authorizationEnabled = Boolean.parseBoolean( + CrudProperties.get(CrudServiceConstants.CRD_AUTHORIZATION_ENABLED, "true")); + + this.auth = null; + if (this.authorizationEnabled) { + this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE); + } } // For unit testing @@ -1063,6 +1071,12 @@ public class CrudRestService { protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action, String authPolicyFunctionName, HttpHeaders headers) throws CrudException { + + if (!authorizationEnabled) { + validateRequestHeader(headers); + return true; + } + boolean isValid = false; try { String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite"); diff --git a/src/main/java/org/onap/crud/util/CrudServiceConstants.java b/src/main/java/org/onap/crud/util/CrudServiceConstants.java index ae5b464..fcde395 100644 --- a/src/main/java/org/onap/crud/util/CrudServiceConstants.java +++ b/src/main/java/org/onap/crud/util/CrudServiceConstants.java @@ -34,6 +34,7 @@ public class CrudServiceConstants { public static final String CRD_CHAMP_AUTH_FILE = CRD_HOME_AUTH + "champ-cert.p12"; public static final String CRD_DATAROUTER_AUTH_FILE = CRD_HOME_AUTH + "datarouter-cert.p12"; public static final String CRD_AUTH_POLICY_NAME = "crud"; + public static final String CRD_AUTHORIZATION_ENABLED = "crud.authorization.enabled"; public static final String CRD_ASYNC_REQUEST_TIMEOUT = "crud.async.request.timeout"; public static final String CRD_ASYNC_RESPONSE_PROCESS_POLL_INTERVAL = "crud.async.response.process.poll.interval"; public static final String CRD_COLLECTION_PROPERTIES_KEY = "crud.collection.properties.key"; -- cgit 1.2.3-korg