diff options
author | Vijay Venkatesh Kumar <vv770d@att.com> | 2019-06-07 17:15:15 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-06-07 17:15:15 +0000 |
commit | 2bff7994a2bf880694a4c967b488ce55f3911af2 (patch) | |
tree | 18f74277a0d6c3fd4511d0770105fbb9f54f1618 /src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java | |
parent | d32da9e8d66106f4ee69e10e02f834664c7225ad (diff) | |
parent | 28144714a27e0463e181924ac51fa74c48810489 (diff) |
Merge "Basic auth not working"5.0.1-ONAP
Diffstat (limited to 'src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java')
-rw-r--r-- | src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java index 6259ea20..9b387b84 100644 --- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java +++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java @@ -23,7 +23,11 @@ import io.vavr.control.Option; import java.io.IOException; import java.security.cert.X509Certificate; import java.util.Base64; -import java.util.stream.Collectors; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.dcae.ApplicationSettings; @@ -32,9 +36,10 @@ import org.onap.dcae.common.configuration.SubjectMatcher; import org.onap.dcaegen2.services.sdk.security.CryptPassword; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; +import org.springframework.stereotype.Component; -final class ApiAuthInterceptor extends HandlerInterceptorAdapter { +@Component +public class ApiAuthInterceptor implements Filter { private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class); private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate"; @@ -48,24 +53,32 @@ final class ApiAuthInterceptor extends HandlerInterceptorAdapter { this.errorLogger = errorLogger; } - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws IOException { + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { SubjectMatcher subjectMatcher = new SubjectMatcher(settings,(X509Certificate[]) request.getAttribute(CERTIFICATE_X_509)); if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){ - return validateCertRequest(response, subjectMatcher); + if( validateCertRequest((HttpServletResponse )response, subjectMatcher)){ + chain.doFilter(request, response); + return; + } + return; } if(isCertSubject(subjectMatcher)){ - return true; + chain.doFilter(request, response); + return; } if (isBasicAuth() ) { - return validateBasicHeader(request, response); + if(validateBasicHeader((HttpServletRequest)request, (HttpServletResponse)response)){ + chain.doFilter(request, response); + return; + } + return; } - return true; + chain.doFilter(request, response); } private boolean validateBasicHeader(HttpServletRequest request, HttpServletResponse response) |