diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/main/java/org/onap/policy/clamp/clds/ClampServlet.java | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java index dcaa2acf3..eb64438bf 100644 --- a/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java +++ b/src/main/java/org/onap/policy/clamp/clds/ClampServlet.java @@ -1,6 +1,6 @@ /*- * ============LICENSE_START======================================================= - * ONAP CLAMP + * ONAP POLICY-CLAMP * ================================================================================ * Copyright (C) 2018, 2021 AT&T Intellectual Property. All rights * reserved. @@ -31,12 +31,14 @@ import java.io.IOException; import java.security.Principal; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.List; import java.util.stream.Collectors; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.camel.component.servlet.CamelHttpTransportServlet; +import org.apache.commons.lang3.StringUtils; import org.onap.policy.clamp.authorization.SecureServicePermission; import org.springframework.context.ApplicationContext; import org.springframework.http.HttpStatus; @@ -46,6 +48,7 @@ import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; +import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; public class ClampServlet extends CamelHttpTransportServlet { @@ -70,9 +73,22 @@ public class ClampServlet extends CamelHttpTransportServlet { private static List<SecureServicePermission> permissionList; private synchronized List<String> loadDynamicAuthenticationClasses() { - return Arrays.stream(WebApplicationContextUtils.getWebApplicationContext(getServletContext()) - .getEnvironment().getProperty(AUTHENTICATION_CLASS).split(",")).map(String::trim) - .collect(Collectors.toList()); + WebApplicationContext webAppContext = WebApplicationContextUtils.getWebApplicationContext(getServletContext()); + if (webAppContext != null) { + String authClassProperty = webAppContext.getEnvironment().getProperty(AUTHENTICATION_CLASS); + if (StringUtils.isBlank(authClassProperty)) { + return Arrays.stream(authClassProperty.split(",")).map(String::trim) + .collect(Collectors.toList()); + } + logger.warn( + "No authentication classes defined in Clamp BE config " + AUTHENTICATION_CLASS + + " AAF authentication could be broken due to that"); + } else { + logger.error( + "WebApplicationContext is NULL, no authentication classes will be loaded in clamp BE" + + ", AAF authentication could be broken"); + } + return Collections.emptyList(); } private synchronized List<SecureServicePermission> getPermissionList() { |