From 5ebb13f7f16a07f342d8a818d6d2c43d75213da5 Mon Sep 17 00:00:00 2001 From: "Kajur, Harish (vk250x)" Date: Mon, 17 Sep 2018 15:11:26 -0400 Subject: Disable authorization for /util/echo Issue-ID: AAI-1612 Change-Id: I2d34d2a3eb7f80fe852ad799cc195132cad99ac0 Signed-off-by: Kajur, Harish (vk250x) --- .../main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java | 5 +++++ .../src/main/java/org/onap/aai/config/aaf/AafFilter.java | 8 +++++--- .../org/onap/aai/interceptors/pre/OneWaySslAuthorization.java | 4 ++++ 3 files changed, 14 insertions(+), 3 deletions(-) (limited to 'aai-traversal/src/main/java/org/onap') diff --git a/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java b/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java index 4191b06..a64d3e5 100644 --- a/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java +++ b/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java @@ -59,6 +59,11 @@ public class AafAuthorizationFilter extends OrderedRequestContextFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { + + if(request.getRequestURI().matches("^.*/util/echo$")){ + filterChain.doFilter(request, response); + } + boolean containsWordGremlin = request.getReader().lines().collect(Collectors.joining(System.lineSeparator())).contains("\"gremlin\""); //if the request contains the word "gremlin" it's an advanced query String queryType = containsWordGremlin ? ADVANCED : BASIC; diff --git a/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafFilter.java b/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafFilter.java index ff86119..6295c8e 100644 --- a/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafFilter.java +++ b/aai-traversal/src/main/java/org/onap/aai/config/aaf/AafFilter.java @@ -55,9 +55,11 @@ public class AafFilter extends OrderedRequestContextFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { - cadiFilter.doFilter(request, response, filterChain); - if(response.getStatus() >=400 && response.getStatus() < 500){ - errorResponse(request, response); + if(!request.getRequestURI().matches("^.*/util/echo$")) { + cadiFilter.doFilter(request, response, filterChain); + if (response.getStatus() >= 400 && response.getStatus() < 500) { + errorResponse(request, response); + } } } diff --git a/aai-traversal/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-traversal/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java index 1f8a6ec..a6c5ed9 100644 --- a/aai-traversal/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java +++ b/aai-traversal/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java @@ -50,6 +50,10 @@ public class OneWaySslAuthorization extends AAIContainerFilter implements Contai public void filter(ContainerRequestContext containerRequestContext) throws IOException { + if(containerRequestContext.getUriInfo().getRequestUri().getPath().matches("^.*/util/echo$")){ + return; + } + String basicAuth = containerRequestContext.getHeaderString("Authorization"); List acceptHeaderValues = containerRequestContext.getAcceptableMediaTypes(); -- cgit 1.2.3-korg