Basic auth not working5.0.2-ONAP 4.0.0-ONAP 1.4.5 elalto dublin

https://jira.onap.org/browse/DCAEGEN2-1541 Issue-ID: DCAEGEN2-1541 Change-Id: I61211b7a4693fea60b6da4bc460c2be47a41efa7 Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
author: Zlatko Murgoski <zlatko.murgoski@nokia.com> 2019-06-07 18:09:53 +0200
committer: Zlatko Murgoski <zlatko.murgoski@nokia.com> 2019-06-07 16:27:17 +0000
commit: bed349adecc488eb04ea413b8f06d7d3d032a907 (patch)
tree: 703da6bd29ccc24cd1f399a22f5a7081bc370253 /src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
parent: 5caf0800a080d3ac4fb9573b319336160b2ebcba (diff)
1 files changed, 23 insertions, 10 deletions
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
index 7d3d2929..3da37c61 100644
--- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
+++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
@@ -23,7 +23,11 @@ import io.vavr.control.Option;
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.util.Base64;
-import java.util.stream.Collectors;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.onap.dcae.ApplicationSettings;
@@ -32,9 +36,10 @@ import org.onap.dcae.common.configuration.SubjectMatcher;
 import org.onap.dcaegen2.services.sdk.security.CryptPassword;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+import org.springframework.stereotype.Component;
 
-final class ApiAuthInterceptor extends HandlerInterceptorAdapter {
+@Component
+public class ApiAuthInterceptor implements Filter {
 
     private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class);
     private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate";
@@ -48,24 +53,32 @@ final class ApiAuthInterceptor extends HandlerInterceptorAdapter {
         this.errorLogger = errorLogger;
     }
 
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
-        throws IOException {
 
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
         SubjectMatcher subjectMatcher = new SubjectMatcher(settings,(X509Certificate[]) request.getAttribute(CERTIFICATE_X_509));
 
         if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){
-            return validateCertRequest(response, subjectMatcher);
+            if( validateCertRequest((HttpServletResponse )response, subjectMatcher)){
+                chain.doFilter(request, response);
+                return;
+            }
+            return;
         }
 
         if(isCertSubject(subjectMatcher)){
-            return true;
+            chain.doFilter(request, response);
+            return;
         }
 
         if (isBasicAuth() ) {
-            return validateBasicHeader(request, response);
+            if(validateBasicHeader((HttpServletRequest)request, (HttpServletResponse)response)){
+                chain.doFilter(request, response);
+                return;
+            }
+            return;
         }
-        return true;
+        chain.doFilter(request, response);
     }
 
     private boolean validateBasicHeader(HttpServletRequest request, HttpServletResponse response)
author	Zlatko Murgoski <zlatko.murgoski@nokia.com>	2019-06-07 18:09:53 +0200
committer	Zlatko Murgoski <zlatko.murgoski@nokia.com>	2019-06-07 16:27:17 +0000
commit	bed349adecc488eb04ea413b8f06d7d3d032a907 (patch)
tree	703da6bd29ccc24cd1f399a22f5a7081bc370253 /src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
parent	5caf0800a080d3ac4fb9573b319336160b2ebcba (diff)