From 6378ec051754792f488372ef6f980511787e9a0b Mon Sep 17 00:00:00 2001 From: "Popescu, Serban" Date: Wed, 6 Feb 2019 13:15:33 -0500 Subject: Optionally disable client authentication based on an env. variable, client authentication can be disabled Change-Id: Ie7790c1ec6c253c0b91358d56fd32cf588a01183 Issue-ID: AAI-2132 Signed-off-by: Serban Popescu --- src/main/java/org/onap/aai/spike/SpikeApplication.java | 4 ++++ src/main/resources/application.properties | 1 - 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/onap/aai/spike/SpikeApplication.java b/src/main/java/org/onap/aai/spike/SpikeApplication.java index fed74af..bbc29fe 100644 --- a/src/main/java/org/onap/aai/spike/SpikeApplication.java +++ b/src/main/java/org/onap/aai/spike/SpikeApplication.java @@ -61,6 +61,10 @@ public class SpikeApplication extends SpringBootServletInitializer { props.put("schema.service.ssl.key-store-password", Password.deobfuscate(keyStorePassword)); props.put("schema.service.ssl.trust-store-password", Password.deobfuscate(keyStorePassword)); + String requireClientAuth = System.getenv("REQUIRE_CLIENT_AUTH"); + props.put("server.ssl.client-auth", + Boolean.FALSE.toString().equalsIgnoreCase(requireClientAuth) ? "want" : "need"); + new SpikeApplication().configure(new SpringApplicationBuilder(SpikeApplication.class).properties(props)) .run(args); } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 2baa523..90cb740 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -5,7 +5,6 @@ SERVICE_BEANS=dynamic/conf server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore server.ssl.enabled=true -server.ssl.client-auth=need server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 schema.ingest.file=${CONFIG_HOME}/schema-ingest.properties -- cgit 1.2.3-korg