From 4a87570c44f41bf19f550f9fed9ecf072db16d74 Mon Sep 17 00:00:00 2001
From: danielhanrahan <daniel.hanrahan@est.tech>
Date: Wed, 28 Feb 2024 07:13:50 +0000
Subject: Disable Spring Security and HTTP Basic Auth (CPS-2126 #1)

This allows any authorization header to be passed in.

Issue-ID: CPS-2127
Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
Change-Id: Ib1c5bd7024eed39afd1ae6e19325ed4733c853d4
---
 .../org/onap/cps/rest/controller/ControllerSecuritySpec.groovy     | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'cps-application/src/test/groovy/org/onap')

diff --git a/cps-application/src/test/groovy/org/onap/cps/rest/controller/ControllerSecuritySpec.groovy b/cps-application/src/test/groovy/org/onap/cps/rest/controller/ControllerSecuritySpec.groovy
index ccadc57240..b86f824888 100755
--- a/cps-application/src/test/groovy/org/onap/cps/rest/controller/ControllerSecuritySpec.groovy
+++ b/cps-application/src/test/groovy/org/onap/cps/rest/controller/ControllerSecuritySpec.groovy
@@ -20,19 +20,16 @@
 
 package org.onap.cps.rest.controller
 
-import org.onap.cps.config.WebSecurityConfig
-import org.springframework.context.annotation.Import
-
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
 
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest
 import org.springframework.http.HttpStatus
 import org.springframework.test.web.servlet.MockMvc
+import spock.lang.Ignore
 import spock.lang.Specification
 
 @WebMvcTest(TestController)
-@Import(WebSecurityConfig)
 class ControllerSecuritySpec extends Specification {
 
     @Autowired
@@ -49,6 +46,7 @@ class ControllerSecuritySpec extends Specification {
             assert response.status == HttpStatus.OK.value()
     }
 
+    @Ignore // CPS-2126
     def 'Get request without authentication is not authorized'() {
         when: 'request is sent without authentication'
             def response = mvc.perform(get(testEndpoint)).andReturn().response
@@ -56,6 +54,7 @@ class ControllerSecuritySpec extends Specification {
             assert response.status == HttpStatus.UNAUTHORIZED.value()
     }
 
+    @Ignore // CPS-2126
     def 'Get request with invalid authentication is not authorized'() {
         when: 'request is sent with invalid authentication'
             def response = mvc.perform(
-- 
cgit 1.2.3-korg