diff options
author | Kajur, Harish (vk250x) <vk250x@att.com> | 2018-09-17 14:38:03 -0400 |
---|---|---|
committer | Kajur, Harish (vk250x) <vk250x@att.com> | 2018-09-17 15:11:57 -0400 |
commit | 04d41b5f618d52e61f5c6b28497b391fb8cb31c7 (patch) | |
tree | b4eb2c1bdde1779d8c308f1795b4e7eff2366a51 | |
parent | 35eb53917330cb1ce07789eafba5bc129327c9d0 (diff) |
Disable authorization for /util/echo
Issue-ID: AAI-1612
Change-Id: I12a14eacb85ed33296e1db5edf77d8abb250d239
Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com>
3 files changed, 14 insertions, 3 deletions
diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java index 22cd2cc..653fc51 100644 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java +++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java @@ -56,6 +56,9 @@ public class AafAuthorizationFilter extends OrderedRequestContextFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase()); + if(request.getRequestURI().matches("^.*/util/echo$")){ + filterChain.doFilter(request, response); + } if(!request.isUserInRole(permission)){ errorResponse(request, response); }else{ diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java index a1047e0..f1aa7c1 100644 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java +++ b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java @@ -55,9 +55,13 @@ public class AafFilter extends OrderedRequestContextFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { - cadiFilter.doFilter(request, response, filterChain); - if(response.getStatus() >=400 && response.getStatus() < 500){ - errorResponse(request, response); + if(!request.getRequestURI().matches("^.*/util/echo$")){ + cadiFilter.doFilter(request, response, filterChain); + if(response.getStatus() >=400 && response.getStatus() < 500){ + errorResponse(request, response); + } + } else { + filterChain.doFilter(request, response); } } diff --git a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java index 1f8a6ec..a6c5ed9 100644 --- a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java +++ b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java @@ -50,6 +50,10 @@ public class OneWaySslAuthorization extends AAIContainerFilter implements Contai public void filter(ContainerRequestContext containerRequestContext) throws IOException { + if(containerRequestContext.getUriInfo().getRequestUri().getPath().matches("^.*/util/echo$")){ + return; + } + String basicAuth = containerRequestContext.getHeaderString("Authorization"); List<MediaType> acceptHeaderValues = containerRequestContext.getAcceptableMediaTypes(); |