diff options
author | Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-06-07 18:09:53 +0200 |
---|---|---|
committer | Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-06-07 18:53:41 +0200 |
commit | 28144714a27e0463e181924ac51fa74c48810489 (patch) | |
tree | 8f478580478b800d5fd972407d16e94e3ebdc050 /src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java | |
parent | 5caf0800a080d3ac4fb9573b319336160b2ebcba (diff) |
Basic auth not working
https://jira.onap.org/browse/DCAEGEN2-1541
Issue-ID: DCAEGEN2-1541
Change-Id: I61211b7a4693fea60b6da4bc460c2be47a41efa7
Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
Diffstat (limited to 'src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java')
-rw-r--r-- | src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java index 7d3d2929..3da37c61 100644 --- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java +++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java @@ -23,7 +23,11 @@ import io.vavr.control.Option; import java.io.IOException; import java.security.cert.X509Certificate; import java.util.Base64; -import java.util.stream.Collectors; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.dcae.ApplicationSettings; @@ -32,9 +36,10 @@ import org.onap.dcae.common.configuration.SubjectMatcher; import org.onap.dcaegen2.services.sdk.security.CryptPassword; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; +import org.springframework.stereotype.Component; -final class ApiAuthInterceptor extends HandlerInterceptorAdapter { +@Component +public class ApiAuthInterceptor implements Filter { private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class); private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate"; @@ -48,24 +53,32 @@ final class ApiAuthInterceptor extends HandlerInterceptorAdapter { this.errorLogger = errorLogger; } - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws IOException { + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { SubjectMatcher subjectMatcher = new SubjectMatcher(settings,(X509Certificate[]) request.getAttribute(CERTIFICATE_X_509)); if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){ - return validateCertRequest(response, subjectMatcher); + if( validateCertRequest((HttpServletResponse )response, subjectMatcher)){ + chain.doFilter(request, response); + return; + } + return; } if(isCertSubject(subjectMatcher)){ - return true; + chain.doFilter(request, response); + return; } if (isBasicAuth() ) { - return validateBasicHeader(request, response); + if(validateBasicHeader((HttpServletRequest)request, (HttpServletResponse)response)){ + chain.doFilter(request, response); + return; + } + return; } - return true; + chain.doFilter(request, response); } private boolean validateBasicHeader(HttpServletRequest request, HttpServletResponse response) |