summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPopescu, Serban <serban.popescu@amdocs.com>2019-02-06 13:15:33 -0500
committerSerban Popescu <serban.popescu@amdocs.com>2019-02-06 13:25:12 -0500
commit6378ec051754792f488372ef6f980511787e9a0b (patch)
tree45cd1c86c892e258b70c37040a3d3a55e9cf6608 /src
parent69d4c0a747053473355ee82aa426589324e50d82 (diff)
Optionally disable client authentication
based on an env. variable, client authentication can be disabled Change-Id: Ie7790c1ec6c253c0b91358d56fd32cf588a01183 Issue-ID: AAI-2132 Signed-off-by: Serban Popescu <serban.popescu@amdocs.com>
Diffstat (limited to 'src')
-rw-r--r--src/main/java/org/onap/aai/spike/SpikeApplication.java4
-rw-r--r--src/main/resources/application.properties1
2 files changed, 4 insertions, 1 deletions
diff --git a/src/main/java/org/onap/aai/spike/SpikeApplication.java b/src/main/java/org/onap/aai/spike/SpikeApplication.java
index fed74af..bbc29fe 100644
--- a/src/main/java/org/onap/aai/spike/SpikeApplication.java
+++ b/src/main/java/org/onap/aai/spike/SpikeApplication.java
@@ -61,6 +61,10 @@ public class SpikeApplication extends SpringBootServletInitializer {
props.put("schema.service.ssl.key-store-password", Password.deobfuscate(keyStorePassword));
props.put("schema.service.ssl.trust-store-password", Password.deobfuscate(keyStorePassword));
+ String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH");
+ props.put("server.ssl.client-auth",
+ Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need");
+
new SpikeApplication().configure(new SpringApplicationBuilder(SpikeApplication.class).properties(props))
.run(args);
}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 2baa523..90cb740 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -5,7 +5,6 @@ SERVICE_BEANS=dynamic/conf
server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
server.ssl.enabled=true
-server.ssl.client-auth=need
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
schema.ingest.file=${CONFIG_HOME}/schema-ingest.properties