diff options
author | Popescu, Serban <serban.popescu@amdocs.com> | 2018-12-14 12:45:57 -0500 |
---|---|---|
committer | Serban Popescu <sp5226@att.com> | 2018-12-14 12:50:04 -0500 |
commit | 7ca6c2a19ee1971a402a6b7eaad4324d83fb236a (patch) | |
tree | 9ee93586950241ba49091c05b9eed76021a76993 /src/main/java/org | |
parent | 3f66d5f1ef60c60116589e73ec1207f9574840af (diff) |
Add option to bypass user authorization
the es.auth.authorization.enabled property, if set to false, will bypass
user authorization
Issue-ID: AAI-2007
Change-Id: I46e3e087ee13eacdf977bbdc9c439045b0072a33
Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>
Diffstat (limited to 'src/main/java/org')
3 files changed, 27 insertions, 2 deletions
diff --git a/src/main/java/org/onap/aai/sa/rest/SearchServiceApi.java b/src/main/java/org/onap/aai/sa/rest/SearchServiceApi.java index 5247baa..d62bfd6 100644 --- a/src/main/java/org/onap/aai/sa/rest/SearchServiceApi.java +++ b/src/main/java/org/onap/aai/sa/rest/SearchServiceApi.java @@ -185,6 +185,12 @@ public class SearchServiceApi { protected boolean validateRequest(HttpHeaders headers, HttpServletRequest req, Action action, String authPolicyFunctionName) { + + boolean isUserAuthEnabled = ((ElasticSearchHttpController)documentStore).getElasticSearchConfig().useAuthorizationUser(); + if(! isUserAuthEnabled) { + return true; + } + SearchDbServiceAuth serviceAuth = new SearchDbServiceAuth(); String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite"); diff --git a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java index 0d116f8..87d0378 100644 --- a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java +++ b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java @@ -40,6 +40,7 @@ public class ElasticSearchConfig { private String httpPort; private String javaApiPort; private String clusterName; + private String authorizationEnabled; public static final String ES_CLUSTER_NAME = "es.cluster-name"; public static final String ES_IP_ADDRESS = "es.ip-address"; @@ -51,6 +52,7 @@ public class ElasticSearchConfig { public static final String ES_KEY_STORE_ENC = "es.key-store-password"; public static final String ES_AUTH_USER = "es.auth-user"; public static final String ES_AUTH_ENC = "es.auth-password"; + public static final String ES_AUTH_ENABLED = "es.auth.authorization.enabled"; private static final String DEFAULT_URI_SCHEME = "http"; private static final String JAVA_API_PORT_DEFAULT = "9300"; @@ -66,6 +68,7 @@ public class ElasticSearchConfig { setHttpPort(props.getProperty(ES_HTTP_PORT)); setJavaApiPort(JAVA_API_PORT_DEFAULT); initializeAuthValues(props); + setAuthorizationEnabled(props.getProperty(ES_AUTH_ENABLED)); } @@ -161,12 +164,24 @@ public class ElasticSearchConfig { return authValue; } + public String getAuthorizationEnabled() { + return authorizationEnabled; + } + + public void setAuthorizationEnabled(String authorizationEnabled) { + this.authorizationEnabled = authorizationEnabled; + } + + public boolean useAuthorizationUser() { + return getAuthorizationEnabled()== null? true : Boolean.parseBoolean(getAuthorizationEnabled()); + } + @Override public String toString() { return String.format( - "%s://%s:%s (cluster=%s) (API port=%s)%nauth=%s%ntrustStore=%s (passwd %s)%nkeyStore=%s (passwd %s)", + "%s://%s:%s (cluster=%s) (API port=%s)%nauth=%s%ntrustStore=%s (passwd %s)%nkeyStore=%s (passwd %s)%nauthorizationUser=%s", uriScheme, ipAddress, httpPort, clusterName, javaApiPort, useAuth(), trustStore, - trustStorePassword != null, keyStore, keyStorePassword != null); + trustStorePassword != null, keyStore, keyStorePassword != null, useAuthorizationUser()); } private void initializeAuthValues(Properties props) { diff --git a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/dao/ElasticSearchHttpController.java b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/dao/ElasticSearchHttpController.java index 759c997..c4a52b4 100644 --- a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/dao/ElasticSearchHttpController.java +++ b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/dao/ElasticSearchHttpController.java @@ -176,6 +176,10 @@ public class ElasticSearchHttpController implements DocumentStoreInterface { return analysisConfig; } + public ElasticSearchConfig getElasticSearchConfig() { + return config; + } + @Override public OperationResult createIndex(String index, DocumentSchema documentSchema) { try { |