diff options
author | sebdet <sebastien.determe@intl.att.com> | 2019-10-10 11:40:27 +0200 |
---|---|---|
committer | Sébastien Determe <sebastien.determe@intl.att.com> | 2019-10-10 09:43:32 +0000 |
commit | 13ab11a844d840025d153f7eac9109fbbe1c6b08 (patch) | |
tree | b133f59c17e1c1045043aa1de914b28a45c03df2 /src/main/java/org | |
parent | 29b3d25ef74df7ba92f0fc6fcd70344b818625a9 (diff) |
Rework the clamp cadi filter
Add test and rework the code for X509 certificate
Issue-ID: CLAMP-519
Change-Id: I3c0aa05cd4bec24770243b86a4672ff3906afba5
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Diffstat (limited to 'src/main/java/org')
-rw-r--r-- | src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java index 7e104c74b..cd141ae77 100644 --- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java +++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java @@ -144,16 +144,22 @@ public class ClampCadiFilter extends CadiFilter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { try { - String certHeader = URLDecoder.decode(((HttpServletRequest) request).getHeader("X-SSL-Cert"), - StandardCharsets.UTF_8.toString()); + String certHeader = ((HttpServletRequest) request).getHeader("X-SSL-Cert"); if (certHeader != null) { - CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) certificateFactory - .generateCertificate(new ByteArrayInputStream(certHeader.getBytes())); - request.setAttribute("javax.servlet.request.X509Certificate", cert); - + .generateCertificate(new ByteArrayInputStream( + URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString()).getBytes())); + X509Certificate[] certifArray = ((X509Certificate[]) request + .getAttribute("javax.servlet.request.X509Certificate")); + if (certifArray == null) { + certifArray = new X509Certificate[] { cert }; + request.setAttribute("javax.servlet.request.X509Certificate", certifArray); + } else { + certifArray[0] = cert; + } } + } catch (CertificateException e) { logger.error("Unable to inject the X.509 certificate", e); } |