Merge "Support disabling host verification in naming service"

author: Dan Timoney <dtimoney@att.com> 2021-10-25 14:04:34 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2021-10-25 14:04:34 +0000
commit: 5d17c0d2cf6bc32d14f3d6227399cb409a617d34 (patch)
tree: 6a11c831786288b7baa94a9fdcd92a200efcaef0 /ms/neng/src/main
parent: 09051f14f1b18de1ed674e30ad0d7d6956a8f0c3 (diff)
parent: d042a3e7d532e1fd46c6d6248ab824aab9376a0f (diff)
4 files changed, 46 insertions, 3 deletions
diff --git a/ms/neng/src/main/compose/docker-compose.yaml b/ms/neng/src/main/compose/docker-compose.yaml
index 09c588a0..2a9f373c 100644
--- a/ms/neng/src/main/compose/docker-compose.yaml
+++ b/ms/neng/src/main/compose/docker-compose.yaml
@@ -30,4 +30,17 @@ services:
        NENG_DB_URL: "jdbc:mysql://mariadb-galera:3306/neng"
        NENG_DB_USER: "${NENG_DB_USER}"
        NENG_DB_PASS: "${NENG_DB_PASS}"
+       POL_CLIENT_AUTH: "${POL_CLIENT_AUTH}"
+       POL_BASIC_AUTH_USER: "${POL_BASIC_AUTH_USER}"
+       POL_BASIC_AUTH_PASSWORD: "${POL_BASIC_AUTH_PASSWORD}"
+       POL_URL: "${POL_URL}"
+       POL_ENV: "${POL_ENV}"
+       POL_REQ_ID: "${POL_REQ_ID}"
+       AAI_CERT_PASS: "${AAI_CERT_PASS}"
+       AAI_CERT_PATH: "${AAI_CERT_PATH}"
+       AAI_URI: "${AAI_URI}"
+       AAI_AUTH: "${AAI_AUTH}"
+       DISABLE_HOST_VERIFICATION: "${DISABLE_HOST_VERIFICATION:-false}"
+
+
 
diff --git a/ms/neng/src/main/compose/env b/ms/neng/src/main/compose/env
new file mode 100644
index 00000000..94c73841
--- /dev/null
+++ b/ms/neng/src/main/compose/env
@@ -0,0 +1,18 @@
+export NENG_DB_PORT=13306
+export NENG_DB_USER=neng
+export NENG_DB_ROOT=itsASecret
+export NENG_DB_PASSWORD=neng1234
+export NENG_DB_PASS=neng1234
+export NENG_SERV_PORT=16606
+export POL_CLIENT_AUTH="cHl0aG9uOnRlc3Q="
+export POL_BASIC_AUTH_USER=healthcheck
+export POL_BASIC_AUTH_PASSWORD="zb!XztG34"
+export POL_URL="https://policy-xacml-pdp:6969/policy/pdpx/v1/decision"
+export POL_ENV=TEST
+export POL_REQ_ID=xx
+export AAI_CERT_PASS=changeit
+export AAI_CERT_PATH=/opt/etc/config/aai_keystore
+export AAI_URI=https://aai:8443/aai/v14/
+export AAI_AUTH="QUFJOkFBSQ=="
+
+
diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
index e84d5b69..56a6da2c 100644
--- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
+++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
@@ -35,6 +35,7 @@ public class PolicyManagerProps {
     String version;
     String environment;
     String ecompRequestId;
+    Boolean disableHostVerification = Boolean.FALSE;
 
     /**
      * Property passed to policy manager in the ClientAuth header.
@@ -54,6 +55,7 @@ public class PolicyManagerProps {
         return basicAuth;
     }
 
+
     public void setBasicAuth(String basicAuth) {
         this.basicAuth = basicAuth;
     }
@@ -102,4 +104,14 @@ public class PolicyManagerProps {
         this.version = version;
     }
 
+    /**
+     * Disable host name verification
+     */
+    public Boolean getDisableHostVerification() {
+        return disableHostVerification;
+    }
+
+    public void setDisableHostVerification(Boolean disableHostVerification) {
+        this.disableHostVerification = disableHostVerification;
+    }
 }
diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
index 33510332..6ae3c204 100644
--- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
+++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
@@ -141,7 +141,7 @@ public class PolicyFinderServiceImpl implements PolicyFinder {
         RequestEntity<T> re = RequestEntity.post(new URI(policManProps.getUrl()))
                         .accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).body(request);
         try {
-            ResponseEntity<Object> resp = getRestTemplate().exchange(re, Object.class);
+            ResponseEntity<Object> resp = getRestTemplate(policManProps.getDisableHostVerification()).exchange(re, Object.class);
             if (HttpStatus.OK.equals(resp.getStatusCode())) {
                 ObjectMapper objectmapper = new ObjectMapper();
                 String bodyStr = objectmapper.writeValueAsString(resp.getBody());
@@ -227,14 +227,14 @@ public class PolicyFinderServiceImpl implements PolicyFinder {
         }
     }
 
-    RestTemplate getRestTemplate() throws Exception {
+    RestTemplate getRestTemplate(Boolean disableHostVerification) throws Exception {
         if (restTemplate != null) {
             return restTemplate;
         }
         TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
         SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                         .loadTrustMaterial(null, acceptingTrustStrategy).build();
-        HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier();
+        HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier(disableHostVerification);
         SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, verifier);
         CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();
         HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
author	Dan Timoney <dtimoney@att.com>	2021-10-25 14:04:34 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2021-10-25 14:04:34 +0000
commit	5d17c0d2cf6bc32d14f3d6227399cb409a617d34 (patch)
tree	6a11c831786288b7baa94a9fdcd92a200efcaef0 /ms/neng/src/main
parent	09051f14f1b18de1ed674e30ad0d7d6956a8f0c3 (diff)
parent	d042a3e7d532e1fd46c6d6248ab824aab9376a0f (diff)