Fix Sonar bugs

Fix sonar bugs reported in the ClampServlet

Issue-ID: POLICY-3200
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Change-Id: I8d823d0b25d7379bb0fc8c87f31628bc63f51f5d

1 files changed, 20 insertions, 4 deletions

diff --git a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java
index dcaa2acf3..eb64438bf 100644
--- a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java
+++ b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java
@@ -1,6 +1,6 @@
 /*-
  * ============LICENSE_START=======================================================
- * ONAP CLAMP
+ * ONAP POLICY-CLAMP
  * ================================================================================
  * Copyright (C) 2018, 2021 AT&T Intellectual Property. All rights
  *                             reserved.
@@ -31,12 +31,14 @@ import java.io.IOException;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.stream.Collectors;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.camel.component.servlet.CamelHttpTransportServlet;
+import org.apache.commons.lang3.StringUtils;
 import org.onap.policy.clamp.authorization.SecureServicePermission;
 import org.springframework.context.ApplicationContext;
 import org.springframework.http.HttpStatus;
@@ -46,6 +48,7 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;
 
 public class ClampServlet extends CamelHttpTransportServlet {
@@ -70,9 +73,22 @@ public class ClampServlet extends CamelHttpTransportServlet {
     private static List<SecureServicePermission> permissionList;
 
     private synchronized List<String> loadDynamicAuthenticationClasses() {
-        return Arrays.stream(WebApplicationContextUtils.getWebApplicationContext(getServletContext())
-                .getEnvironment().getProperty(AUTHENTICATION_CLASS).split(",")).map(String::trim)
-                .collect(Collectors.toList());
+        WebApplicationContext webAppContext = WebApplicationContextUtils.getWebApplicationContext(getServletContext());
+        if (webAppContext != null) {
+            String authClassProperty = webAppContext.getEnvironment().getProperty(AUTHENTICATION_CLASS);
+            if (StringUtils.isBlank(authClassProperty)) {
+                return Arrays.stream(authClassProperty.split(",")).map(String::trim)
+                        .collect(Collectors.toList());
+            }
+            logger.warn(
+                    "No authentication classes defined in Clamp BE config " + AUTHENTICATION_CLASS
+                            + " AAF authentication could be broken due to that");
+        } else {
+            logger.error(
+                    "WebApplicationContext is NULL, no authentication classes will be loaded in clamp BE"
+                            + ", AAF authentication could be broken");
+        }
+        return Collections.emptyList();
     }
 
     private synchronized List<SecureServicePermission> getPermissionList() {