Optionally disable client authentication

based on an env. variable, client authentication can be disabled

Change-Id: I6d787644ef1439b8e88dcc3dec7f5181b11b7f11
Issue-ID: AAI-2132
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>

2 files changed, 7 insertions, 1 deletions

diff --git a/src/main/java/org/onap/aai/sa/Application.java b/src/main/java/org/onap/aai/sa/Application.java
index f2b8db1..059ca22 100644
--- a/src/main/java/org/onap/aai/sa/Application.java
+++ b/src/main/java/org/onap/aai/sa/Application.java
@@ -46,6 +46,13 @@ public class Application extends SpringBootServletInitializer {
             props.put("server.ssl.trust-store-password", trustStorePassword);

         }

 

+        String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");

+        if (requireClientAuth == null || requireClientAuth.isEmpty()) {

+            props.put("server.ssl.client-auth", "need");

+        }else {

+            props.put("server.ssl.client-auth", Boolean.valueOf(requireClientAuth)? "need" : "want");

+        }

+		

         new Application().configure(new SpringApplicationBuilder(Application.class).properties(props)).run(args);

     }

 }

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 20dc028..7d169a7 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,5 +1,4 @@
 server.ssl.key-store=/opt/app/search-data-service/config/auth/tomcat_keystore

 server.ssl.enabled=true

 server.port=9509

-server.ssl.client-auth=need

 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2